Fine-Grained Access Control for Microservices

Antonio Nehme, Vitor Jesus, Khaled Mahbub, Ali Abdallah

Research output: Chapter in Book/Published conference output › Conference publication

Abstract

Microservices-based applications are considered to be a promising paradigm for building large-scale digital systems due to their flexibility, scalability, and agility of development. To achieve the adoption of digital services, applications holding personal data must be secure while giving end-users as much control as possible. On the other hand, for software developers, the adoption of a security solution for microservices requires it to be easily adaptable to the application context and requirements while fully exploiting reusability of security components. This paper proposes a solution that targets key security challenges of microservice-based applications. Our approach relies on a coordination of security components, and offers a fine-grained access control in order to minimise the risks of token theft, session manipulation, and a malicious insider; it also renders the system resilient against confused deputy attacks. This solution is based on a combination of OAuth 2 and XACML open standards, and achieved through reusable security components integrated with microservices.
Original language: English
Title of host publication: Foundations and Practice of Security
Subtitle of host publication: FPS 2018
Editors: N. Zincir-Heywood, G. Bonfante, M. Debbabi, J. Garcia-Alfaro
Publisher: Springer
Pages: 285–300
ISBN (Electronic): 9783030184193
ISBN (Print): 9783030184186
Publication status: Published - 14 Apr 2019

Publication series

Name: Lecture Notes in Computer Science
Publisher: Springer
Volume: 11358
