Paper Info
Title
Towards Multi-party Policy-based Access Control in Federations of Cloud and Edge Microservices
Abstract
The development and deployment of microservices and containers come with a promise of flexibility by embracing heterogeneity and reducing the amount of communication and coordination between service teams. However, when such software ecosystems are developed in large organizations with a high degree of independence, and deployed in the cloud and at the edge, security becomes a non-trivial concern. The challenge that we address in this work is the delegated management of access control decisions to multiple stakeholders in continuously evolving federations of cloud and edge microservices. To ensure that user-centric access control remains sustainable in such complex service delivery models, we present a dynamic granular access control solution on top of different authorization frameworks. By leveraging microservice technologies, our solution is flexible, scalable, and contextual, and can adhere to the security needs of different stakeholders in microservice federations - from DevOps teams to common end-users - with the necessary agility to respond to exceptional security circumstances.
Year
DOI
Venue
2019
10.1109/EuroSPW.2019.00010
2019 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)
Keywords
Field
DocType
authorization,microservices,policy-based access control,edge,federation
Software deployment,Computer security,Computer science,Computer network,DevOps,Software,Access control,Microservices,Service delivery framework,Cloud computing,Scalability
Conference
ISBN
Citations 
PageRank 
978-1-7281-3027-9
0
0.34
References 
Authors
0
2
Name
Order
Citations
PageRank
Davy Preuveneers170565.56
Wouter Joosen22898287.70