Access Control Design Practice and Solutions in Cloud-Native Architecture: A Systematic Mapping Study
Author:
Rahaman Md Shahidur1, Tisha Sadia Nasrin1ORCID, Song Eunjee1ORCID, Cerny Tomas1ORCID
Affiliation:
1. Department of Computer Science, ECS, Baylor University, Waco, TX 76798, USA
Abstract
Protecting the resources of a cloud-native application is essential to meet an organization’s security goals. Cloud-native applications manage thousands of user requests, and an organization must employ a proper access control mechanism. However, unfortunately, developers sometimes grumble when designing and enforcing access decisions for a gigantic scalable application. It is sometimes complicated to choose the potential access control model for the system. Cloud-native software architecture has become an integral part of the industry to manage and maintain customer needs. A microservice is a combination of small independent services that might have hundreds of parts, where the developers must protect the individual services. An efficient access control model can defend the respective services and consistency. This study intends to comprehensively analyze the current access control mechanism and techniques utilized in cloud-native architecture. For this, we present a systematic mapping study that extracts current approaches, categorizes access control patterns, and provides developers guidance to meet security principles. In addition, we have gathered 234 essential articles, of which 29 have been chosen as primary studies. Our comprehensive analysis will guide practitioners to identify proper access control mechanisms applicable to ensuring security goals in cloud-native architectures.
Subject
Electrical and Electronic Engineering,Biochemistry,Instrumentation,Atomic and Molecular Physics, and Optics,Analytical Chemistry
Reference50 articles.
1. A Systematic Mapping Study of Cloud-native Application Design and Engineering;Ajayi;J. Phys. Conf. Ser.,2019 2. Microservices: Architecture and Technologies;Desai;Int. J. Res. Appl. Sci. Eng. Technol.,2020 3. Villamizar, M., Garcés, O., Castro, H., Verano, M., Salamanca, L., Casallas, R., and Gil, S. (2015, January 21–25). Evaluating the monolithic and the microservice architecture pattern to deploy web applications in the cloud. Proceedings of the 2015 10th Computing Colombian Conference (10CCC), Bogota, Colombia. 4. Krylovskiy, A., Jahn, M., and Patti, E. (2015, January 24–26). Designing a Smart City Internet of Things Platform with Microservice Architecture. Proceedings of the 2015 3rd International Conference on Future Internet of Things and Cloud, Rome, Italy. 5. Lu, D., Huang, D., Walenstein, A., and Medhi, D. (2017, January 6–9). A Secure Microservice Framework for IoT. Proceedings of the 2017 IEEE Symposium on Service-Oriented System Engineering (SOSE), San Francisco, CA, USA.
Cited by
6 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献
1. Research of Cloud-Native AS/RS Warehouse Management and Control Platform Architecture;2024 5th International Conference on Computer Engineering and Application (ICCEA);2024-04-12 2. A Comprehensive Review on Granularity Perspective of the Access Control Models in Cloud Computing;2024 IEEE International Conference on Interdisciplinary Approaches in Technology and Management for Social Innovation (IATMSI);2024-03-14 3. Securing the Digital Supply Chain Cyber Threats and Vulnerabilities;Advances in Logistics, Operations, and Management Science;2023-12-29 4. DCE: A High-Performance, Scalable, Enterprise-Level Cloud Native Operating System;2023 IEEE 8th International Conference on Smart Cloud (SmartCloud);2023-09-16 5. Multitenant Containers as a Service (CaaS) for Clouds and Edge Clouds;IEEE Access;2023
|
|