TY - GEN
T1 - Towards Teamwise Informed Decisions On Microservice Security Smells
AU - Ponce, Francisco
AU - Soldani, Jacopo
AU - Astudillo, Hernán
AU - Brogi, Antonio
N1 - Publisher Copyright:
© The Author(s), under exclusive license to Springer Nature Switzerland AG 2024.
PY - 2024
Y1 - 2024
N2 - Security smells, i.e., possible symptoms of bad security decisions, can occur in microservice-based applications, potentially resulting in violations of key security properties. The decision of whether or not to refactor a service to mitigate the potential effects of security smells is complex, considering the distributed responsibility of services across teams and the possible impact on their development schedules. In this work-in-progress paper, we propose a team-centric approach that provides insights into the effects of refactorings on quality attributes, the urgency and effort of a refactoring, and its implications for other teams. The ultimate goal is to support teams in making decisions in the context of microservice-based application security and to improve the scheduling of the refactorings that mitigate the potential effects of microservice security smell instances.
AB - Security smells, i.e., possible symptoms of bad security decisions, can occur in microservice-based applications, potentially resulting in violations of key security properties. The decision of whether or not to refactor a service to mitigate the potential effects of security smells is complex, considering the distributed responsibility of services across teams and the possible impact on their development schedules. In this work-in-progress paper, we propose a team-centric approach that provides insights into the effects of refactorings on quality attributes, the urgency and effort of a refactoring, and its implications for other teams. The ultimate goal is to support teams in making decisions in the context of microservice-based application security and to improve the scheduling of the refactorings that mitigate the potential effects of microservice security smell instances.
KW - microservices
KW - refactoring
KW - security smells
KW - teamwise
UR - http://www.scopus.com/inward/record.url?scp=85203584613&partnerID=8YFLogxK
U2 - 10.1007/978-3-031-70797-1_23
DO - 10.1007/978-3-031-70797-1_23
M3 - Conference contribution
AN - SCOPUS:85203584613
SN - 9783031707964
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 350
EP - 358
BT - Software Architecture - 18th European Conference, ECSA 2024, Proceedings
A2 - Galster, Matthias
A2 - Scandurra, Patrizia
A2 - Mikkonen, Tommi
A2 - Oliveira Antonino, Pablo
A2 - Nakagawa, Elisa Yumi
A2 - Navarro, Elena
PB - Springer Science and Business Media Deutschland GmbH
T2 - 18th European Conference on Software Architecture, ECSA 2024
Y2 - 3 September 2024 through 6 September 2024
ER -