On automated RBAC assessment by constructing a centralized perspective for microservice mesh

PeerJ Computer Science
https://github.com/cloudhubs/tms2020.
SAR from bytecode: https://github.com/cloudhubs/rad.
SAR from source code: https://github.com/cloudhubs/rad-source.
RBAC analysis: https://github.com/cloudhubs/rad-analysis.
The benchmark is run on a Mac OS computer with a 2.9 GHz 6-core Intel Core i9 processor and 32 GB RAM.

Main article text


Introduction

Related work

Role-based access control

Software architecture reconstruction

Proposed method

  1. Missing role violations: this type of violation occurs when an API endpoint does not have any roles associated with it. In this case, all authenticated users can access the endpoint. Such a violation typically happens when developers forget to enforce authorization roles on an API endpoint. However, it could be a false positive; for example, some API endpoints might be intentionally left open to all users.

  2. Unknown access violations: if an API endpoint carries an authorization role that is not present in the user-defined role hierarchy, we define it as an unknown access violation. This type of violation usually results from typographical errors, and in most cases such typos go unnoticed because they do not cause any compilation errors. As a result, legitimate users with the proper access are denied access to the endpoint.

  3. Entity access violations: if the input and output types (that is, the request and response types) of two API endpoints are similar but the endpoints have different authorization roles, we classify it as an entity access violation. This kind of violation indicates that the same entity is being accessed by users with different access roles.

  4. Conflicting hierarchy violations: this type of violation happens when an intermediate method in the service layer or repository layer carries two different roles where one is an ancestor of the other in the role hierarchy. This violation signifies that users with a junior role are accessing some functionality that might be intended for users with a senior role (Walker et al., 2020).

  5. Unrelated access violations: like conflicting hierarchy violations, these focus on intermediate methods instead of endpoint methods. When an intermediate method carries two or more roles that are located in different subtrees of the role hierarchy, we classify it as an unrelated access violation. This type of violation indicates poorly separated concerns in how access roles are distributed across the different functionalities of the application (Walker et al., 2020).
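As an added illustration of the five violation classes (this is example code written for this page, not the rad-analysis tool described in the paper), the following checks run over a constructed mesh model: a hypothetical role hierarchy, endpoint names, request/response types and intermediate method names. Entity "similarity" is simplified to exact equality of the request and response types.

```python
# Added example: classify the five RBAC violation types over a constructed model.
from itertools import combinations

# Constructed role hierarchy: child -> parent (ADMIN is the root).
HIERARCHY = {"MANAGER": "ADMIN", "USER": "MANAGER", "AUDITOR": "ADMIN"}

def known_roles():
    return set(HIERARCHY) | set(HIERARCHY.values())

def ancestors(role):
    """Strict ancestors of `role`; unknown roles have none."""
    seen = set()
    while role in HIERARCHY:
        role = HIERARCHY[role]
        seen.add(role)
    return seen

def related(a, b):
    """True when one role is an ancestor of the other (same branch)."""
    return a in ancestors(b) or b in ancestors(a)

def analyze(endpoints, methods):
    """endpoints: dicts with name, roles, request, response (endpoint methods).
    methods: dicts with name, roles (intermediate service/repository methods)."""
    findings = []
    for ep in endpoints:
        if not ep["roles"]:                       # 1. no role enforced at all
            findings.append(("missing_role", ep["name"]))
        for r in sorted(ep["roles"] - known_roles()):  # 2. role not in hierarchy
            findings.append(("unknown_access", ep["name"], r))
    for a, b in combinations(endpoints, 2):      # 3. same entity, different roles
        same_entity = (a["request"], a["response"]) == (b["request"], b["response"])
        if same_entity and a["roles"] != b["roles"]:
            findings.append(("entity_access", a["name"], b["name"]))
    for m in methods:
        for a, b in combinations(sorted(m["roles"] & known_roles()), 2):
            if related(a, b):                     # 4. junior and senior on one method
                findings.append(("conflicting_hierarchy", m["name"], a, b))
            else:                                 # 5. roles from different subtrees
                findings.append(("unrelated_access", m["name"], a, b))
    return findings

# Constructed sample model (hypothetical endpoints and methods).
ENDPOINTS = [
    {"name": "GET /orders", "roles": {"USER"}, "request": "OrderQuery", "response": "Order"},
    {"name": "POST /orders", "roles": set(), "request": "OrderCreate", "response": "Order"},
    {"name": "GET /reports", "roles": {"ADMN"}, "request": "ReportQuery", "response": "Report"},
    {"name": "GET /orders/all", "roles": {"MANAGER"}, "request": "OrderQuery", "response": "Order"},
]
METHODS = [
    {"name": "OrderService.find", "roles": {"USER", "MANAGER"}},
    {"name": "ReportRepository.list", "roles": {"USER", "AUDITOR"}},
]

def run_sample():
    return analyze(ENDPOINTS, METHODS)
```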

Case study

Threats to validity

Internal threats to validity

External threats to validity

Conclusion

Additional Information and Declarations

Competing Interests

The authors declare that they have no competing interests.

Author Contributions

Dipta Das conceived and designed the experiments, performed the experiments, analyzed the data, performed the computation work, prepared figures and/or tables, authored or reviewed drafts of the paper, and approved the final draft.

Andrew Walker conceived and designed the experiments, analyzed the data, authored or reviewed drafts of the paper, and approved the final draft.

Vincent Bushong conceived and designed the experiments, analyzed the data, authored or reviewed drafts of the paper, and approved the final draft.

Jan Svacina conceived and designed the experiments, analyzed the data, authored or reviewed drafts of the paper, and approved the final draft.

Tomas Cerny conceived and designed the experiments, analyzed the data, authored or reviewed drafts of the paper, and approved the final draft.

Vashek Matyas conceived and designed the experiments, analyzed the data, authored or reviewed drafts of the paper, and approved the final draft.

Data Availability

The following information was supplied regarding data availability:

Data and analysis are available at GitHub, specifically:

- Bytecode analysis: https://github.com/cloudhubs/rad.

- Source code analysis: https://github.com/cloudhubs/rad-source.

- RBAC analysis: https://github.com/cloudhubs/rad-analysis.

Funding

This material is based upon work supported by the National Science Foundation under Grant No. 1854049 and a grant from Red Hat Research. The funders had no role in study design, data collection and analysis, decision to publish, or preparation of the manuscript.
