Model-Driven Security Smell Resolution in Microservice Architecture Using LEMMA

Philip Wizenty, Francisco Ponce, Florian Rademacher, Jacopo Soldani, Hernán Astudillo, Antonio Brogi, Sabine Sachweh

Producción científica: Contribución a los tipos de informe/libroContribución a la conferenciarevisión exhaustiva

Resumen

Effective security measures are crucial for modern Microservice Architecture (MSA)-based applications as many IT companies rely on microservices to deliver their business functionalities. Security smells may indicate possible security issues. However, detecting security smells and devising strategies to resolve them through refactoring is difficult and expensive, primarily due to the inherent complexity of microservice architectures. This paper proposes a Model-driven approach to resolving security smells in MSA. The proposed method uses LEMMA as a concrete approach to model microservice applications. We extend LEMMA’s functionalities to enable the modeling of microservices’ security aspects. With the proposed method, LEMMA models can be processed to automatically detect security smells and recommend the refactorings that resolve the identified security smells. To test the effectiveness of the proposed method, the paper introduces a proof-of-concept implementation of the proposed LEMMA-based, automated microservices’ security smell detection and refactoring.

Idioma originalInglés
Título de la publicación alojadaSoftware Technologies - 18th International Conference, ICSOFT 2023, Revised Selected Papers
EditoresHans-Georg Fill, Francisco José Domínguez Mayo, Marten van Sinderen, Leszek A. Maciaszek
EditorialSpringer Science and Business Media Deutschland GmbH
Páginas29-49
Número de páginas21
ISBN (versión impresa)9783031617522
DOI
EstadoPublicada - 2024
Evento18th International Conference on Software Technologies, ICSOFT 2023 - Rome, Italia
Duración: 10 jul. 202312 jul. 2023

Serie de la publicación

NombreCommunications in Computer and Information Science
Volumen2104 CCIS
ISSN (versión impresa)1865-0929
ISSN (versión digital)1865-0937

Conferencia

Conferencia18th International Conference on Software Technologies, ICSOFT 2023
País/TerritorioItalia
CiudadRome
Período10/07/2312/07/23

Áreas temáticas de ASJC Scopus

  • Ciencia de la Computación General
  • Matemáticas General

Huella

Profundice en los temas de investigación de 'Model-Driven Security Smell Resolution in Microservice Architecture Using LEMMA'. En conjunto forman una huella única.

Citar esto