Abstract
Microservices are a software architecture that offers significant improvements over service-oriented architecture (SOA). By definition, each microservice should perform only a single task, and hence applications are composed of more services. As the number of services increases, different issues arise with respect to testing, monitoring, governance, and security. When services communicate in a microservices architecture, new challenges arise in areas such as containers (the deployment environment), data, permissions (authorization and authentication), and the network. We focus on permission issues related to authentication and authorization. The role-based access control (RBAC) model has been used in microservices to ensure authorization. However, RBAC has some security issues, namely role explosion and segregation of duty, and these issues also affect the security policies of microservices. We aim to solve these problems by providing attribute-based access control for the microservices architecture. We evaluate the performance of the proposed model by measuring metrics such as response time, throughput, and data transferred. The tests show that the system is reliable.
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Singh, A., Raj, V., Ravichandra, S. (2022). Integration of Attribute-Based Access Control in Microservices Architecture. In: Tuba, M., Akashe, S., Joshi, A. (eds) ICT Systems and Sustainability. Lecture Notes in Networks and Systems, vol 321. Springer, Singapore. https://doi.org/10.1007/978-981-16-5987-4_69
DOI: https://doi.org/10.1007/978-981-16-5987-4_69
Publisher Name: Springer, Singapore
Print ISBN: 978-981-16-5986-7
Online ISBN: 978-981-16-5987-4
eBook Packages: Intelligent Technologies and Robotics (R0)