Identifying availability tactics to support security architectural design of microservice-based systems

“…Security issues were examined at three different levels-component level, interface level and at application level [14]. • G. Marquez and H. Astudillo (2019) conducted an experimental study to analyze the availability tactics that would be beneficial for security-design decisions in micro-service based systems (MBS) [15]. 17 Open source MBS were inspected by using their source code and documentation.…”

“…React and recover from attacks (F3): react to an attack means that a software system should have a security mechanism that responds in a particular way when the system faces a potential attack, while recover from an attack means that the system should also have the ability to return to a normal state after facing a potential attack [15][16][17][18]. In other words, we can say that the system should provide normal services to its authentic users when or after facing a potential attack.…”

“…Revoke access (F31): implies that when system admins realize any type of potential threat or attack, they can severely limit the access to sensitive resources [15].…”

“…Lock computer (F32): when there is a repeated failed login from a specific compute, admins can lock the specific computer for some specific time because continuous unsuccessful logins may indicate a malicious attack [15].…”

“…To determine the weights of attributes (criteria) fuzzy-ANP is applied. ANP is a multi-criteria decision analysis approach used in decision-making problems [13][14][15][16]. It represents the dependencies among criteria or alternatives to solve the problems having dependencies and is represented by a network because interactions and dependencies among the factors of the problem are shown in a network.…”

Software Security Estimation Using the Hybrid Fuzzy ANP-TOPSIS Approach: Design Tactics Perspective

“…Security issues were examined at three different levels-component level, interface level and at application level [14]. • G. Marquez and H. Astudillo (2019) conducted an experimental study to analyze the availability tactics that would be beneficial for security-design decisions in micro-service based systems (MBS) [15]. 17 Open source MBS were inspected by using their source code and documentation.…”

“…React and recover from attacks (F3): react to an attack means that a software system should have a security mechanism that responds in a particular way when the system faces a potential attack, while recover from an attack means that the system should also have the ability to return to a normal state after facing a potential attack [15][16][17][18]. In other words, we can say that the system should provide normal services to its authentic users when or after facing a potential attack.…”

“…Revoke access (F31): implies that when system admins realize any type of potential threat or attack, they can severely limit the access to sensitive resources [15].…”

“…Lock computer (F32): when there is a repeated failed login from a specific compute, admins can lock the specific computer for some specific time because continuous unsuccessful logins may indicate a malicious attack [15].…”

“…To determine the weights of attributes (criteria) fuzzy-ANP is applied. ANP is a multi-criteria decision analysis approach used in decision-making problems [13][14][15][16]. It represents the dependencies among criteria or alternatives to solve the problems having dependencies and is represented by a network because interactions and dependencies among the factors of the problem are shown in a network.…”

Software Security Estimation Using the Hybrid Fuzzy ANP-TOPSIS Approach: Design Tactics Perspective

A Systematic Survey of Architectural Approaches and Trade-Offs in Data De-identification

Automated Microservice Code-Smell Detection