Interface Quality Patterns

Stocker, Mirko; Zimmermann, Olaf; Zdun, Uwe; Lübke, Daniel; Pautasso, Cesare

doi:10.1145/3282308.3282319

Cited by 27 publications

(4 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Request Bundle and Rate Limit have been defined as best practices or patterns [27], [28], [29], [30], and particularly in the context of Service-Level Agreements [31], [32]. Although these API patterns have been studied experimentally [5], [33], their combinations with other API patterns and techniques have not been the subject of any experimental study in the scientific literature.…”

Section: Related Workmentioning

confidence: 99%

“…Rate Limit has also been the focus of many studies [7], [27], [29], but has also not been studied with combinations of other patterns and techniques. It is usually implemented using an API Gateway [36] and ensures that API providers are not overwhelmed by an intentional or unintentional flood of requests from API clients.…”

Section: Background About Load Balancing Request Bundle and Rate Limitmentioning

confidence: 99%

See 1 more Smart Citation

Combining API Patterns in Microservice Architectures: Performance and Reliability Analysis

Malki,

Zdun

2023

2023 IEEE International Conference on Web Services (ICWS)

Self Cite

View full text Add to dashboard Cite

There are many challenges in maintaining the desired quality of service levels in modern microservice and cloud applications. Numerous techniques and patterns, such as API Rate Limit, Load Balancing, and Request Bundle, have been suggested for API services and clients to improve quality properties related to performance and reliability. However, no study has measured the impact of these techniques and their combinations in a specific configuration, especially using a large distributed system workload setting. This paper experimentally studies the effects of combining the API Rate Limit, Load Balancing, and Request Bundle patterns based on a realistic, third-party microservice-based application deployed in a private cloud and on the Amazon Web Services cloud (AWS) using 130 different configurations. We have run each configuration 500 times in the private cloud, totaling more than 4500 hours of runtime, and 200 times on AWS, totaling more than 3900 hours of runtime. We developed regression models from the collected data to predict the performance and reliability impacts of combining such techniques and patterns. We found that the models provide acceptable prediction errors below 30% on the private cloud and AWS. Further, we found that the models work best in highly reliable environments like AWS. In addition to the concrete analyses provided in our work, we propose a general and largely automated method that can be followed iteratively to evaluate similar techniques and patterns for their quality properties.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Background About Load Balancing Request Bundle and Rate Limitmentioning

confidence: 99%

Combining API Patterns in Microservice Architectures: Performance and Reliability Analysis

Malki,

Zdun

2023

2023 IEEE International Conference on Web Services (ICWS)

Self Cite

View full text Add to dashboard Cite

show abstract

“…The case study is based on a fictional insurance company called Lakeside Mutual [76]. The application serves to exemplify different API patterns and DDD for MSA.…”

Section: Case Studymentioning

confidence: 99%

Applying Model-Driven Engineering to Stimulate the Adoption of DevOps Processes in Small and Medium-Sized Development Organizations

et al. 2021

View full text Add to dashboard Cite

Microservice architecture (MSA) denotes an increasingly popular architectural style in which business capabilities are wrapped into autonomously developable and deployable software components called microservices. Microservice applications are developed by multiple DevOps teams each owning one or more services. In this article, we explore the state of how DevOps teams in small and medium-sized organizations (SMOs) cope with MSA and how they can be supported. We show through a secondary analysis of an exploratory interview study comprising six cases, that the organizational and technological complexity resulting from MSA poses particular challenges for small and medium-sized organizations (SMOs). We apply model-driven engineering to address these challenges. As results of the second analysis, we identify the challenge areas of building and maintaining a common architectural understanding, and dealing with deployment technologies. To support DevOps teams of SMOs in coping with these challenges, we present a model-driven workflow based on LEMMA—the Language Ecosystem for Modeling Microservice Architecture. To implement the workflow, we extend LEMMA with the functionality to (i) generate models from API documentation; (ii) reference remote models owned by other teams; (iii) generate deployment specifications; and (iv) generate a visual representation of the overall architecture. We validate the model-driven workflow and our extensions to LEMMA through a case study showing that the added functionality to LEMMA can bring efficiency gains for DevOps teams. To develop best practices for applying our workflow to maximize efficiency in SMOs, we plan to conduct more empirical research in the field in the future.

show abstract

“…It is important to note that the client may not be a person but another computer system that uses the functions of another organization’s application system. JWT tokens can be used as an access control mechanism in the microservices architecture [ 7 ]. Tokens are a standardized method of representing authentication and authorization data, and they can be used to implement a wide variety of access management scenarios in the microservices architecture.…”

Section: Introductionmentioning

confidence: 99%

Enhancing Microservices Security with Token-Based Access Control Method

Venčkauskas

Kukta

Grigaliūnas

et al. 2023

Sensors

View full text Add to dashboard Cite

Microservices are compact, independent services that work together with other microservices to support a single application function. Organizations may quickly deliver high-quality applications using the effective design pattern of the application function. Microservices allow for the alteration of one service in an application without affecting the other services. Containers and serverless functions, two cloud-native technologies, are frequently used to create microservices applications. A distributed, multi-component program has a number of advantages, but it also introduces new security risks that are not present in more conventional monolithic applications. The objective is to propose a method for access control that ensures the enhanced security of microservices. The proposed method was experimentally tested and validated in comparison to the centralized and decentralized architectures of the microservices. The obtained results showed that the proposed method enhanced the security of decentralized microservices by distributing the access control responsibility across multiple microservices within the external authentication and internal authorization processes. This allows for easy management of permissions between microservices and can help prevent unauthorized access to sensitive data and resources, as well as reduce the risk of attacks on microservices.

show abstract

Interface Quality Patterns

Cited by 27 publications

References 12 publications

Combining API Patterns in Microservice Architectures: Performance and Reliability Analysis

Combining API Patterns in Microservice Architectures: Performance and Reliability Analysis

Applying Model-Driven Engineering to Stimulate the Adoption of DevOps Processes in Small and Medium-Sized Development Organizations

Enhancing Microservices Security with Token-Based Access Control Method

Contact Info

Product

Resources

About