A Fully Decentralized Architecture for Access Control Verification in Serverless Environments

Mazzocca Carlo; Colajanni Michele
2022-01-01

Abstract

Serverless computing is a novel paradigm that has been widely adopted in recent years across many sectors due to its fine-grained scalability and fast time-to-market. This paradigm aims to relieve users of burdensome tasks, including those related to authentication and authorization. However, existing security mechanisms provided by cloud providers do not seem to be adequate to completely secure serverless platforms. In particular, typical access control solutions either rely on centralized authorization services or implement access control verification within the business logic. These approaches respectively degrade system performance and lead to security issues derived from the tight coupling between code and authorization verification. In this paper, we present a solution to address these problems with a fully decentralized architecture integrating access control verification in serverless environments. We implemented a prototype of the proposed architecture and evaluated its performance under different load conditions. Experiments show that our proposal outperforms other approaches.

Use this identifier to cite or link to this document: https://hdl.handle.net/11386/4883833