Deeksha Gorige, Eyhab Al-Masri, Sergey Kanzhelev, H. Fattah
{"title":"Privacy-Risk Detection in Microservices Composition Using Distributed Tracing","authors":"Deeksha Gorige, Eyhab Al-Masri, Sergey Kanzhelev, H. Fattah","doi":"10.1109/ECICE50847.2020.9301952","DOIUrl":null,"url":null,"abstract":"It is a common task when employing the microservices architecture to integrate a number of loosely coupled entities that communicate with each other resulting in service requests that disseminate through a number of service endpoints. As the number of service endpoints increases, identifying the path to which a service request passes through the network becomes a time consuming and challenging task. In addition, as part of service requests, personal data may be shared across a number of service providers without end-users’ knowledge. Hence, tracing service requests and the extent to which data is flowing from one service endpoint to another becomes inevitable. In this paper, we introduce a distributed tracing Privacy Risk Detection (dtPRD) framework for identifying potential privacy and security risks associated with the dissemination of data through the path a service request undergoes. Identifying any risks associated with data sharing across a service path or plan can help in classifying service endpoints that are vulnerable or have the potential of exposing data without the end user’s knowledge. Throughout the paper, we present experimental and validation results of our proposed approach which show the effectiveness and usefulness of the dtPRD framework.","PeriodicalId":130143,"journal":{"name":"2020 IEEE Eurasia Conference on IOT, Communication and Engineering (ECICE)","volume":"183 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-10-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 IEEE Eurasia Conference on IOT, Communication and Engineering (ECICE)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ECICE50847.2020.9301952","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 7
Abstract
It is a common task when employing the microservices architecture to integrate a number of loosely coupled entities that communicate with each other resulting in service requests that disseminate through a number of service endpoints. As the number of service endpoints increases, identifying the path to which a service request passes through the network becomes a time consuming and challenging task. In addition, as part of service requests, personal data may be shared across a number of service providers without end-users’ knowledge. Hence, tracing service requests and the extent to which data is flowing from one service endpoint to another becomes inevitable. In this paper, we introduce a distributed tracing Privacy Risk Detection (dtPRD) framework for identifying potential privacy and security risks associated with the dissemination of data through the path a service request undergoes. Identifying any risks associated with data sharing across a service path or plan can help in classifying service endpoints that are vulnerable or have the potential of exposing data without the end user’s knowledge. Throughout the paper, we present experimental and validation results of our proposed approach which show the effectiveness and usefulness of the dtPRD framework.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
