Department of Computer Sciences, Kaunas University of Technology, Studentu str. 50, 51368 Kaunas, Lithuania.
Sensors (Basel). 2023 Mar 22;23(6):3363. doi: 10.3390/s23063363.
Microservices are compact, independent services that work together with other microservices to support a single application function. Organizations may quickly deliver high-quality applications using the effective design pattern of the application function. Microservices allow for the alteration of one service in an application without affecting the other services. Containers and serverless functions, two cloud-native technologies, are frequently used to create microservices applications. A distributed, multi-component program has a number of advantages, but it also introduces new security risks that are not present in more conventional monolithic applications. The objective is to propose a method for access control that ensures the enhanced security of microservices. The proposed method was experimentally tested and validated in comparison to the centralized and decentralized architectures of the microservices. The obtained results showed that the proposed method enhanced the security of decentralized microservices by distributing the access control responsibility across multiple microservices within the external authentication and internal authorization processes. This allows for easy management of permissions between microservices and can help prevent unauthorized access to sensitive data and resources, as well as reduce the risk of attacks on microservices.
微服务是小型的、独立的服务,它们与其他微服务一起协作,以支持单个应用程序功能。组织可以使用应用程序功能的有效设计模式快速交付高质量的应用程序。微服务允许在不影响其他服务的情况下更改应用程序中的一个服务。容器和无服务器功能是两种常用的云原生技术,用于创建微服务应用程序。分布式、多组件程序具有许多优势,但也引入了传统单片应用程序中不存在的新安全风险。目标是提出一种访问控制方法,以确保微服务的增强安全性。所提出的方法在实验中进行了测试,并与微服务的集中式和去中心化架构进行了比较。得到的结果表明,所提出的方法通过在外部身份验证和内部授权过程中将访问控制责任分布在多个微服务中,增强了去中心化微服务的安全性。这使得在微服务之间轻松管理权限成为可能,并有助于防止对敏感数据和资源的未经授权访问,以及降低对微服务的攻击风险。
