Triaging Microservice Security Smells, with TriSS
Ponce, Francisco; Soldani, Jacopo; Brogi, Antonio
2024-01-01
Abstract
Securing microservice applications is crucial. Security smells denote symptoms of bad, often unintentional, design decisions, which may result in violating security properties, and that can be resolved via refactoring. Stakeholders take into account the services' business value, problem criticality, and available resources to decide which smells to resolve or leave alone, but making such decisions is inherently complex for microservice applications with many services, possibly affected by multiple security smell instances. Borrowing from hospital emergency room triage practices, which assign an urgency code to incoming patients, this paper introduces the notion of urgency for microservice security smell instances, and proposes the TriSS method to triage them. TriSS enables assigning to each security smell instance an urgency code based on combining the services' business relevance and the smells' impacts on security and other quality attributes, e.g., performance and maintainability. The practical applicability of TriSS is illustrated with a use case based on a third-party microservice application, and its usefulness is evaluated with a controlled experiment involving 26 practitioners. The experiment's results suggest that TriSS eases the triage process and yields urgency codes on which practitioners are more confident.