Tesi etd-10302023-110805 |
Link copiato negli appunti
Tipo di tesi
Tesi di laurea magistrale
Autore
FIORELLA, LAURA
URN
etd-10302023-110805
Titolo
Trade-off analysis for resolving security smells in microservice-based architectures
Dipartimento
INFORMATICA
Corso di studi
INFORMATICA
Relatori
relatore Prof. Brogi, Antonio
relatore Prof. Soldani, Jacopo
relatore Prof. Maña Gomez, Antonio
relatore Prof. Soldani, Jacopo
relatore Prof. Maña Gomez, Antonio
Parole chiave
- microservices system
- model-based
- refactoring
- security smells
- soft goal
- trade-off analysis
Data inizio appello
01/12/2023
Consultabilità
Tesi non consultabile
Riassunto
Nowadays microservices systems are on the rise in enterprise application architecture because they provide a way to organize the system into smaller services working almost independently. But their distributed nature brings also some issues, e.g., those related to the security of the system. Among
the many aspects of this field, the main characters of this work will be the so-called security smells, which represent hints of possible security violations. They could be solved or mitigated with so-called refactorings, which however usually required a considerable effort, or could produce undesirable impacts on other system requirements. The other starts are the so-called soft goal,
sort of system requirements used to evaluate the effects of the presence of a security smell, as well as the ones deriving from the application of refactoring. This Master Thesis presents an approach to support the developers in carrying out a trade-off analysis on generic microservices systems. This type of analysis aims to identify the effects of a certain refactoring, applicable to the system or to individual microservices, to solve or mitigate the problem of security smells. The starting point is an already developed visual formalism called Soft Goal Interdependency Graph (SIG) which allows to represent some of the relations between the Soft Goals of the systems and the agents involved and
provides some formal relationships between them. The main innovation proposed is a general model of security knowledge which contains a formal relation between some of the main refactoring solutions
and the goals of the system they could affect, which is an advance to the state of the art. The approach is model-based, according to a specific UML Profile developed in this thesis, which has been entirely implemented using Visual Paradigm. Most of the process is automated using implemented Groovy
scripts executable directly in the Visual Paradigm environment. To validate the approach, the proposed artifacts, algorithms, and tools have been applied to an “Online Boutique”. Microservices example system defined by Google, to show the effects on a realistic case study and to show the advantages and limitations of the new approach over the actual analysis techniques.
the many aspects of this field, the main characters of this work will be the so-called security smells, which represent hints of possible security violations. They could be solved or mitigated with so-called refactorings, which however usually required a considerable effort, or could produce undesirable impacts on other system requirements. The other starts are the so-called soft goal,
sort of system requirements used to evaluate the effects of the presence of a security smell, as well as the ones deriving from the application of refactoring. This Master Thesis presents an approach to support the developers in carrying out a trade-off analysis on generic microservices systems. This type of analysis aims to identify the effects of a certain refactoring, applicable to the system or to individual microservices, to solve or mitigate the problem of security smells. The starting point is an already developed visual formalism called Soft Goal Interdependency Graph (SIG) which allows to represent some of the relations between the Soft Goals of the systems and the agents involved and
provides some formal relationships between them. The main innovation proposed is a general model of security knowledge which contains a formal relation between some of the main refactoring solutions
and the goals of the system they could affect, which is an advance to the state of the art. The approach is model-based, according to a specific UML Profile developed in this thesis, which has been entirely implemented using Visual Paradigm. Most of the process is automated using implemented Groovy
scripts executable directly in the Visual Paradigm environment. To validate the approach, the proposed artifacts, algorithms, and tools have been applied to an “Online Boutique”. Microservices example system defined by Google, to show the effects on a realistic case study and to show the advantages and limitations of the new approach over the actual analysis techniques.
File
Nome file | Dimensione |
---|---|
Tesi non consultabile. |