Role and Policy Based Authorization Microservice Module for Web Application Systems: DockMan


Creative Commons License

Özdikililer E.

2nd International Conference on Electronics, Engineering Physics, and Earth Science, EEPES 2023, Hybrid, Kavala, Greece, 21 - 23 June 2023, vol.3063 identifier

  • Publication Type: Conference Paper / Full Text
  • Volume: 3063
  • Doi Number: 10.1063/5.0196367
  • City: Hybrid, Kavala
  • Country: Greece
  • Istanbul Technical University Affiliated: Yes

Abstract

Today, the complete virtualization of application access makes the security vulnerability more apparent. The sensitivity of the security issue necessitates a thorough investigation. In addition to their advanced designs, microservices, which are considered the final step in application architectures, have their own weaknesses and vulnerabilities. Even though it has eliminated numerous threats and issues, there is room for improvement, particularly in authentication and authorization architectural models. With additional models, properly designed and implemented security standards are candidates for transforming systems into more reliable structures. This paper aims to introduce and describe a role- and policy-based authorization microservice module for web application systems. Within the scope of this study, the AUTH Security (Authorization and Authentication Security Module) module of the structure called "DockMan" - Docker Management System will be examined. DocMan AUTH is designed for secure and easy management of distributed and integrated systems.