Abstract

Microservices offer a compelling competitive advantage for building data flow systems as a choreography of self-contained data endpoints that each implement a specific data processing functionality. Such a ‘single responsibility principle’ design makes them well suited for constructing scalable and flexible data integration and real-time data flow applications. In this paper, we investigate microservice-based data processing workflows from a security point of view, i.e., (1) how to constrain data processing workflows with respect to dynamic authorization policies granting or denying access to certain microservice results depending on the flow of the data; (2) how to let multiple microservices contribute to a collective data-driven authorization decision; and (3) how to put adequate measures in place such that the data within each individual microservice is protected against illegitimate access from unauthorized users or other microservices. Due to this multifold objective, enforcing access control on the data endpoints to prevent information leakage or preserve one’s privacy becomes far more challenging, as authorization policies can have dependencies and decision outcomes cross-cutting data in multiple microservices. To address this challenge, we present and evaluate a workflow-oriented authorization framework that enforces authorization policies in a decentralized manner and where the delegated policy evaluation leverages feature toggles that are managed at runtime by software circuit breakers to secure the distributed data processing workflows. The benefit of our solution is that, on the one hand, authorization policies restrict access to the data endpoints of the microservices, and on the other hand, microservices can safely rely on other data endpoints to collectively evaluate cross-cutting access control decisions without having to rely on a shared storage backend holding all the necessary information for the policy evaluation.

Highlights

  • With the advent of trends like the Internet of Things [1], distributed software systems increasingly obtain more useful information about users and their environment

  • This section elaborates on the scalability and performance overhead of our delegated policy evaluation for data-driven workflows

  • The authorization policies used in our setup are similar in complexity to the ones we described earlier


Summary

Introduction

With the advent of trends like the Internet of Things [1], distributed software systems increasingly obtain more useful information about users and their environment. Two architectural styles for real-time data processing are the Lambda architecture (http://lambda-architecture.net, by Nathan Marz, creator of Storm) [10] and the Kappa architecture (http://kappa-architecture.com, by Jay Kreps, from LinkedIn). They both deliver fault-tolerant and scalable data processing with support for incremental data updates. A feature toggle is typically a variable that is used in a conditional statement to enable or disable a piece of code for testing or release purposes. In the past, such feature toggles were used at compile time to exclude certain features from the application binary. Martin Fowler (https://martinfowler.com/articles/feature-toggles.html) describes several types of feature toggles that mainly differ in dynamism and longevity. These feature toggles include ‘release toggles’ to disable incomplete or untested code paths in production systems, ‘experiment toggles’ for multivariate user testing of different code paths and ‘ops toggles’ to control operational aspects of a system’s behavior.
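The framework itself is not shown on this page. The following is an added sketch, not the authors' code, of an authorization feature toggle that a circuit breaker manages at runtime around a delegated policy evaluation. `AuthzToggle`, `read_endpoint`, the thresholds and the fail-closed behaviour when the remote evaluation is unavailable are assumptions made for illustration.

```python
import time


class AuthzToggle:
    """Runtime feature toggle for one data endpoint, driven by a circuit
    breaker around a delegated policy decision (all names hypothetical)."""

    def __init__(self, evaluate, max_failures=2, reset_after=30.0,
                 clock=time.monotonic):
        self.evaluate = evaluate        # callable(subject, resource) -> bool, may raise
        self.max_failures = max_failures
        self.reset_after = reset_after  # seconds before a probe call is allowed
        self.clock = clock
        self.failures = 0
        self.opened_at = None           # None means the breaker is closed

    def state(self):
        if self.opened_at is None:
            return "closed"
        if self.clock() - self.opened_at >= self.reset_after:
            return "half-open"
        return "open"

    def enabled(self, subject, resource):
        """True only on an explicit permit; every failure path denies."""
        if self.state() == "open":
            return False                # toggle off, remote endpoint not called
        try:
            permit = bool(self.evaluate(subject, resource))
        except Exception:
            self.failures += 1
            if self.failures >= self.max_failures:
                self.opened_at = self.clock()  # trip, or re-trip after a failed probe
            return False
        self.failures = 0
        self.opened_at = None           # a completed evaluation closes the breaker
        return permit


def read_endpoint(toggle, subject, resource, data):
    """Data endpoint guarded by the toggle: release the result or return None."""
    if toggle.enabled(subject, resource):
        return data[resource]
    return None
```

Treating an open breaker as a deny keeps an outage of the delegated evaluator from turning into an implicit permit; the cost is that legitimate requests are refused until a probe succeeds.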
