Microservices Security Challenges and Approaches

The fast-paced development cycles of microservices applications increase the probability of insufficient security tests in the development pipelines and consequent deployment of vulnerable microservices. The distribution and ephemeral of microservices create a discoverability challenge for traditional security assessment techniques, especially for microservices being dynamically launched and de-registered. To address this in applications and networks, continuous security assessments are used for vulnerability detection. Detected vulnerabilities are thereafter patched, essentially reducing the chances for security attacks. This paper illustrates the microservices architecture and its components from the security perspective. It investigates, summarizes, and highlights the microservices security-related challenges and the suggested approaches and proposals for facing them. It addresses the security impact on the different microservice architectural perspectives

The Microservice Dependency Matrix

Microservices have been recognized for over a decade. They reshaped system design enabling decentralization and independence of development teams working on particular microservices. While loosely coupled microservices are desired, it is inevitable for dependencies to arise. However, these dependencies often go unnoticed by development teams. As the system evolves, making changes to one microservice may trigger a ripple effect, necessitating adjustments in dependent microservices and increasing maintenance and operational efforts. Tracking different types of dependencies across microservices becomes crucial in anticipating the consequences of development team changes. This paper introduces the Endpoint Dependency Matrix (EDM) and Data Dependency Matrix (DDM) as tools to address this challenge. We present an automated approach for tracking these dependencies and demonstrate their extraction through a case study.Comment: Accepted in ESOCC 202

Impact of Remote User Interface Design and Delivery on Energy Demand

Abstract-Client-side User Interface (UI) for web applications clearly plays a critical role in user performance and efficiency. Growing user expectations drive UI design to greater functionality with ever increasing expectations for rich and continuous interactivity. Such increases require greater and greater computational resources. At the same time, web applications are increasingly accessed through mobile, battery-powered devices, such as notebooks, tablets, smartphones, and even watches. In effect, users are simultaneously increasing dependence on battery power and the pace of battery discharge with demanding applications. While UI design often considers factors such as usability, bandwidth consumption, etc., little consideration is given to the impact rendering and delivery design have on energy consumption. While we may expect novel technologies to expand battery capacity, the demands consistently outpace improvements. Careful consideration of UI design strategy may reduce the energy demands placed to the users device. This paper presents a study considering existing UI design and delivery strategies and evaluates their impact on energy consumption

Microvision: Static analysis-based approach to visualizing microservices in augmented reality

Microservices are supporting digital transformation; however, fundamental tools and system perspectives are missing to better observe, understand, and manage these systems, their properties, and their dependencies. Microservices architecture leans toward decentralization, which yields many advantages to system operation; it, however, brings challenges to their development. Microservices lack a system-centric perspective to better cope with system evolution and quality assessment. In this work, we explore microservice-specific architecture reconstruction based on static analysis. Such reconstruction typically results in system models to visualize selected system-centric perspectives. Conventional models are limited in utility when the service cardinality is high. We consider an alternative data visualization using 3D space using augmented reality. To begin testing the feasibility of deriving such perspectives from microservice systems, we developed and implemented prototype tools for software architecture reconstruction and visualization of compared perspectives

Microservice Architecture Reconstruction and Visualization Techniques: A Review

Microservice system solutions are driving digital transformation; however, fundamental tools and system perspectives are missing to better observe, understand, and manage these systems, their properties, and their dependencies. Microservices architecture leads towards decentralization, which implies many advantages to system operation; it, however, brings challenges to their development. Microservice systems often lack a system-centric perspective that would help engineers better cope with system evolution and quality assessment. In this work, we explored microservice-specific architecture reconstruction based on static analysis. Such reconstruction typically results in system models to visualize selected system-centric perspectives. Conventional models involve 2D methods; however, these methods are limited in utility when services proliferate. We considered various architectural perspectives relevant to microservices and assessed the relevancy of the traditional method, comparing it to alternative data visualization using 3D space. As a representative of the 3D method, we considered a 3D graph model presented in augmented reality. To begin testing the feasibility of deriving such perspectives from microservice systems, we developed and implemented prototype tools for software architecture reconstruction and visualization of compared perspectives. Using these prototypes, we performed a small user study with software practitioners to highlight the potentials and limitations of these innovative visualizations used for common practitioner reasoning and tasks

A MATLAB-BASED GUI FOR REMOTE ELECTROOCULOGRAPHY VISUAL EXAMINATION

In this work, a MATLAB-based graphical user interface is proposed for the visual examination of several eye movements. The proposed solution is algorithm-based, which localizes the area of the eye movement, removes artifacts, and calculates the view trajectory in terms of direction and orb deviation. To compute the algorithm, a five-electrode configuration is needed. The goodness of the proposed MATLAB-based graphical user interface has been validated, at the Clinic of Child Neurology of University Hospital of Ostrava, through the EEG Wave Program, which was considered as “gold standard” test. The proposed solution can help physicians on studying cerebral diseases, or to be used for the development of human-machine interfaces useful for the improvement of the digital era that surrounds us today

Navigating an Interdisciplinary Approach to Cybercrime Research

The internet has created new markets and enabled alternative business models for criminal activity, such as human trafficking. Consequently, research is needed to understand the complexity, occurrence, and impact of internet-enabled crime on victims and society. Many scholars have called for interdisciplinary approaches to study and develop interventions to address a broad range of cybercrimes, but this call is challenging to implement. Therefore, we provide a confessional account of our experience associated with developing an interdisciplinary research team and conducting research related to a specific form of cybercrime, predatory crime involving deceptive or covert solicitations. Our confessional account allows us to reflect on our project and discuss the challenges we have encountered along with a discussion of how we have addressed these challenges. We offer guidance to researchers in various stages of conducting interdisciplinary research based on our experiences with a specific form of cybercrime, internet-enabled crime

Benchmarks for End-to-End Microservices Testing

Testing microservice systems involves a large amount of planning and problem-solving. The difficulty of testing microservice systems increases as the size and structure of such systems become more complex. To help the microservice community and simplify experiments with testing and traffic simulation, we created a test benchmark containing full functional testing coverage for two well-established open-source microservice systems. Through our benchmark design, we aimed to demonstrate ways to overcome certain challenges and find effective strategies when testing microservices. In addition, to demonstrate our benchmark use, we conducted a case study to identify the best approaches to take to validate a full coverage of tests using service-dependency graph discovery and business process discovery using tracing.Comment: 7 page