A Performant and Secure Single Sign-On System Using Microservices

被引：1

作者：

Moghaddam, Mahyar T. ^{[1
]}

Pedersen, Andreas Edal ^{[1
]}

Bolding, William Walter Lillebroe ^{[2
]}

Worm, Torben ^{[1
]}

机构：

[1] Univ Southern Denmark, Odense, Denmark

[2] VIA Univ Coll, Aarhus, Denmark

来源：

38TH ANNUAL ACM SYMPOSIUM ON APPLIED COMPUTING, SAC 2023 | 2023年

关键词：

Empirical Software Engineering; Microservices; Single Sign-On; Performance; Security;

D O I：

10.1145/3555776.3577869

中图分类号：

TP39 [计算机的应用];

学科分类号：

081203 ; 0835 ;

摘要：

The Single Sign-On (SSO) method eases the authentication and authorization process. The solution substantially impacts the users' experience since they only need to authenticate once to access multiple services without re-authenticating. This paper adopts an incremental prototyping approach to develop an SSO system. The research reveals that while SSO improves users' quality of experience, it could imply performance and security issues if traditional architectures are adopted. Thus, a Microservices-based approach with containerization is subsequently proposed to overcome SSO's quality issues in practice. The SSO system is containerized using Docker and managed using Docker Compose. The results show a significant performance and security improvement.

引用

页码：1516 / 1519

页数：4

共 14 条

[1]

Bass L., 2021, Software architecture in practice, V4th

[2] A Mobile Based Remote User Authentication Scheme without Verifier Table for Cloud Based Services [J].

Binu, Sumitra ;

Misbahuddin, Mohammed ;

Raj, Pethuru .

PROCEEDING OF THE THIRD INTERNATIONAL SYMPOSIUM ON WOMEN IN COMPUTING AND INFORMATICS (WCI-2015), 2015, :502-509

[3]

Cerny T., 2017, Proceedings of the 2017 Research in Adaptive and Convergent Systems, RACS 2017, V2017-Janua, P228

[4] Human Behaviour Centered Design: Developing a Software System for Cultural Heritage [J].

Dugdale, Julie ;

Moghaddam, Mahyar T. ;

Muccini, Henry .

2020 IEEE/ACM 42ND INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING: SOFTWARE ENGINEERING IN SOCIETY (ICSE-SEIS 2021), 2020, :85-94

[5]

Guowei Wang, 2011, 2011 2nd International Conference on Artificial Intelligence, Management Science and Electronic Commerce (AIMSEC 2011), P2963, DOI 10.1109/AIMSEC.2011.6010462

[6]

Josang A., 2007, P 5 AUSTRALASIAN S A, V68, P143

[7] Securing a Cloud-Native C2 Architecture Using SSO and JWT [J].

Melton, Ryan .

2021 IEEE AEROSPACE CONFERENCE (AEROCONF 2021), 2021,

[8] Designing Internet of Behaviors Systems [J].

Moghaddam, Mahyar T. ;

Muccini, Henry ;

Dugdale, Julie ;

Kjagaard, Mikkel Baun .

IEEE 19TH INTERNATIONAL CONFERENCE ON SOFTWARE ARCHITECTURE (ICSA 2022), 2022, :124-134

[9]

Pressman Roger, 2019, ISE Software Engineering: A Practitioner's Approach, V9

[10]

Schläger C, 2007, ARES 2007: SECOND INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY AND SECURITY, PROCEEDINGS, P230

← 1 2 →