TY - GEN
T1 - To Security and Beyond
T2 - 49th Latin American Computing Conference, CLEI 2023
AU - Ponce, Francisco
AU - Soldani, Jacopo
AU - Taramasco, Carla
AU - Astudillo, Hernan
AU - Brogi, Antonio
N1 - Publisher Copyright:
© 2023 IEEE.
PY - 2023
Y1 - 2023
N2 - Microservices gained momentum in enterprise IT, as they enable building cloud-native applications. At the same time, they come with new security challenges, including security smells, viz., symptoms of bad (though often unintentional) design decisions that might affect application security. This study aims to explore the impacts of microservice security smells- and of the refactorings known to mitigate their effects-beyond security. In particular, we systematically elicit possible impacts of smells and refactorings on applications' maintainability, performance efficiency, and adherence to microservices' key design principles. We then validate the elicited impacts by means of an online survey targeting experienced practitioners and researchers. Our main contributions include 35 validated impacts, and a discussion of the survey results geared towards analyzing the (mis)alignment between practitioners and researchers.
AB - Microservices gained momentum in enterprise IT, as they enable building cloud-native applications. At the same time, they come with new security challenges, including security smells, viz., symptoms of bad (though often unintentional) design decisions that might affect application security. This study aims to explore the impacts of microservice security smells- and of the refactorings known to mitigate their effects-beyond security. In particular, we systematically elicit possible impacts of smells and refactorings on applications' maintainability, performance efficiency, and adherence to microservices' key design principles. We then validate the elicited impacts by means of an online survey targeting experienced practitioners and researchers. Our main contributions include 35 validated impacts, and a discussion of the survey results geared towards analyzing the (mis)alignment between practitioners and researchers.
KW - design principles
KW - maintainability
KW - microservices
KW - performance efficiency
KW - refactoring
KW - security smells
UR - http://www.scopus.com/inward/record.url?scp=85182267578&partnerID=8YFLogxK
U2 - 10.1109/CLEI60451.2023.10346146
DO - 10.1109/CLEI60451.2023.10346146
M3 - Conference contribution
AN - SCOPUS:85182267578
T3 - Proceedings - 2023 49th Latin American Computing Conference, CLEI 2023
BT - Proceedings - 2023 49th Latin American Computing Conference, CLEI 2023
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 16 October 2023 through 20 October 2023
ER -