Litcius/Paper detail

Automated Security Analysis for Microservice Architecture

Nacha Chondamrongkul, Jing Sun, Ian Warren

202030 citationsDOI

Abstract

Designing a software system that applied the microservice architecture style is a challenging task, as its characteristics are vulnerable to various security attacks. Software architect, therefore, needs to pinpoint the security flaws in the design before the implementation can proceed. This task is error-prone as it requires manual analysis on the design model, to identify security threats and trace possible attack scenarios. This paper presents an automated security analysis approach for microservice architecture. Our approach can automatically identify security threats according to a collection of formally defined security characteristics and provide an insightful result that demonstrates how the attack scenarios may happen. A collection of formally defined security characteristics can be extended to support other security characteristics not addressed in this paper.

Topics & Concepts

Computer scienceSoftware security assuranceComputer securityMicroservicesTask (project management)ArchitectureThreat modelEnterprise information security architectureTRACE (psycholinguistics)Software architectureSoftwareSecurity bugSecurity testingSecurity serviceCloud computing securitySecurity information and event managementInformation securityOperating systemEngineeringCloud computingSystems engineeringPhilosophyLinguisticsArtVisual artsSoftware System Performance and ReliabilityInformation and Cyber SecuritySoftware Engineering Research
Automated Security Analysis for Microservice Architecture | Litcius