
Integration of Attribute-Based Access Control in Microservices Architecture

  • Conference paper
ICT Systems and Sustainability

Part of the book series: Lecture Notes in Networks and Systems (LNNS, volume 321)


Abstract

Microservices are a software architecture with significant improvements over service-oriented architecture (SOA). By definition, each microservice should perform only a single task, and hence applications will have more services. As the number of services increases, different issues arise with respect to testing, monitoring, governance, and security. When services communicate in a microservices architecture, new challenges arise in areas such as containers (the deployment environment), data, permissions (authorization and authentication), and the network. We focus on permission issues related to authentication and authorization. The role-based access control (RBAC) model was used in microservices to ensure authorization. However, RBAC has some security issues, namely role explosion and segregation of duty, and these issues also affect the security policies of microservices. We aim to solve these problems by providing attribute-based access control for microservices architecture. We evaluate the performance of the proposed model by measuring metrics such as response time, throughput, and data transferred. The tests show that the system is reliable.




© 2022 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.


Cite this paper

Singh, A., Raj, V., Ravichandra, S. (2022). Integration of Attribute-Based Access Control in Microservices Architecture. In: Tuba, M., Akashe, S., Joshi, A. (eds) ICT Systems and Sustainability. Lecture Notes in Networks and Systems, vol 321. Springer, Singapore. https://doi.org/10.1007/978-981-16-5987-4_69
