{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,5]],"date-time":"2026-02-05T08:06:33Z","timestamp":1770278793234,"version":"3.49.0"},"publisher-location":"Cham","reference-count":22,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030184186","type":"print"},{"value":"9783030184193","type":"electronic"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-18419-3_19","type":"book-chapter","created":{"date-parts":[[2019,5,1]],"date-time":"2019-05-01T19:25:20Z","timestamp":1556738720000},"page":"285-300","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":6,"title":["Fine-Grained Access Control for Microservices"],"prefix":"10.1007","author":[{"given":"Antonio","family":"Nehme","sequence":"first","affiliation":[]},{"given":"Vitor","family":"Jesus","sequence":"additional","affiliation":[]},{"given":"Khaled","family":"Mahbub","sequence":"additional","affiliation":[]},{"given":"Ali","family":"Abdallah","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2019,4,14]]},"reference":[{"key":"19_CR1","doi-asserted-by":"crossref","unstructured":"Our approach to API authentication. \n                      https:\/\/gdstechnology.blog.gov.uk\/2016\/11\/14\/our-approach-to-authentication\n                      \n                    . Accessed 20 May 2018","DOI":"10.1016\/S1353-4858(18)30128-4"},{"key":"19_CR2","doi-asserted-by":"crossref","unstructured":"Ahmad, A., Hassan, M.M., Aziz, A.: A multi-token authorization strategy for secure mobile cloud computing. In: 2014 2nd IEEE International Conference on Mobile Cloud Computing, Services, and Engineering (MobileCloud), pp. 136\u2013141. IEEE, April 2014","DOI":"10.1109\/MobileCloud.2014.21"},{"key":"19_CR3","doi-asserted-by":"crossref","unstructured":"Yarygina, T., Bagge, A.H.: Overcoming security challenges in microservice architectures. In: 2018 IEEE Symposium on Service-Oriented System Engineering (SOSE), pp. 11\u201320. IEEE, March 2018","DOI":"10.1109\/SOSE.2018.00011"},{"key":"19_CR4","doi-asserted-by":"publisher","first-page":"195","DOI":"10.1007\/978-3-319-67425-4_12","volume-title":"Present and Ulterior Software Engineering","author":"N Dragoni","year":"2017","unstructured":"Dragoni, N., et al.: Microservices: yesterday, today, and tomorrow. In: Mazzara, M., Meyer, B. (eds.) Present and Ulterior Software Engineering, pp. 195\u2013216. Springer, Cham (2017). \n                      https:\/\/doi.org\/10.1007\/978-3-319-67425-4_12"},{"key":"19_CR5","doi-asserted-by":"crossref","unstructured":"Gao, X., Uehara, M.: Design of a sports mental cloud. In: 2017 31st International Conference on Advanced Information Networking and Applications Workshops (WAINA), pp. 443\u2013448. IEEE, March 2017","DOI":"10.1109\/WAINA.2017.33"},{"key":"19_CR6","doi-asserted-by":"crossref","unstructured":"Geisriegler, M., Kolodiy, M., Stani, S., Singer, R.: Actor based business process modeling and execution: a reference implementation based on ontology models and microservices. In: 2017 43rd Euromicro Conference on Software Engineering and Advanced Applications (SEAA), pp. 359\u2013362. IEEE, August 2017","DOI":"10.1109\/SEAA.2017.39"},{"key":"19_CR7","doi-asserted-by":"publisher","unstructured":"H\u00e4rtig, H., Roitzsch, M., Weinhold, C., Lackorzynski, A.: Lateral thinking for trustworthy apps. In: 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS), pp. 1890\u20131899. IEEE, June 2017. \n                      https:\/\/doi.org\/10.1109\/ICDCS.2017.29","DOI":"10.1109\/ICDCS.2017.29"},{"key":"19_CR8","unstructured":"IBM: An integrated approach to insider threat protection. \n                      https:\/\/www-05.ibm.com\/services\/europe\/digital-whitepaper\/security\/growing_threats.html\n                      \n                    . Accessed 15 May 2018"},{"key":"19_CR9","doi-asserted-by":"crossref","unstructured":"Ilhan, \u00d6.M., Thatmann, D., K\u00fcpper, A.: A performance analysis of the XACML decision process and the impact of caching. In: 2015 11th International Conference on Signal-Image Technology & Internet-Based Systems (SITIS), pp. 216\u2013223. IEEE, November 2015","DOI":"10.1109\/SITIS.2015.83"},{"key":"19_CR10","unstructured":"Jones, M., et al.: OAuth 2.0 token exchange draft-ietf-oauth-token-exchange-13. \n                      https:\/\/tools.ietf.org\/html\/draft-ietf-oauth-token-exchange-13"},{"key":"19_CR11","volume-title":"Building Microservices: Designing Fine-Grained Systems","author":"S Newman","year":"2015","unstructured":"Newman, S.: Building Microservices: Designing Fine-Grained Systems. O\u2019Reilly Media, Inc., Sebastopol (2015)"},{"key":"19_CR12","doi-asserted-by":"crossref","unstructured":"Patanjali, S., Truninger, B., Harsh, P., Bohnert, T.M.: Cyclops: a micro service based approach for dynamic rating, charging & billing for cloud. In: 2015 13th International Conference on Telecommunications (ConTEL), pp. 1\u20138. IEEE, July 2015","DOI":"10.1109\/ConTEL.2015.7231226"},{"key":"19_CR13","doi-asserted-by":"crossref","unstructured":"Rajani, V., Garg, D., Rezk, T.: On access control, capabilities, their equivalence, and confused deputy attacks. In: 2016 IEEE 29th Computer Security Foundations Symposium (CSF), pp. 150\u2013163. IEEE, June 2016","DOI":"10.1109\/CSF.2016.18"},{"key":"19_CR14","doi-asserted-by":"crossref","unstructured":"Samlinson, E., Usha, M.: User-centric trust based identity as a service for federated cloud environment. In: 2013 Fourth International Conference on Computing, Communications and Networking Technologies (ICCCNT), pp. 1\u20135. IEEE, July 2013","DOI":"10.1109\/ICCCNT.2013.6726636"},{"key":"19_CR15","doi-asserted-by":"publisher","first-page":"736","DOI":"10.1016\/j.procs.2017.12.212","volume":"124","author":"H Suryotrisongko","year":"2017","unstructured":"Suryotrisongko, H., Jayanto, D.P., Tjahyanto, A.: Design and development of backend application for public complaint systems using microservice spring boot. Procedia Comput. Sci. 124, 736\u2013743 (2017)","journal-title":"Procedia Comput. Sci."},{"key":"19_CR16","doi-asserted-by":"crossref","unstructured":"Suzic, B.: Securing integration of cloud services in cross-domain distributed environments. In: Proceedings of the 31st Annual ACM Symposium on Applied Computing, pp. 398\u2013405. ACM, April 2016","DOI":"10.1145\/2851613.2851622"},{"key":"19_CR17","doi-asserted-by":"crossref","unstructured":"Suzic, B.: User-centered security management of API-based data integration workflows. In: 2016 IEEE\/IFIP Network Operations and Management Symposium (NOMS), pp. 1233\u20131238. IEEE, April 2016","DOI":"10.1109\/NOMS.2016.7502993"},{"key":"19_CR18","doi-asserted-by":"crossref","unstructured":"Tang, L., Ouyang, L., Tsai, W.T.: Multi-factor web API security for securing mobile cloud. In: 2015 12th International Conference on Fuzzy Systems and Knowledge Discovery (FSKD), pp. 2163\u20132168. IEEE, August 2015","DOI":"10.1109\/FSKD.2015.7382287"},{"key":"19_CR19","unstructured":"Yu, Y., Silveira, H., Sundaram, M.: A microservice based reference architecture model in the context of enterprise architecture. In: 2016 IEEE Advanced Information Management, Communicates, Electronic and Automation Control Conference (IMCEC), pp. 1856\u20131860. IEEE, October 2016"},{"key":"19_CR20","doi-asserted-by":"crossref","unstructured":"Zhang, H., Li, Z., Wu, W.: Open social and XACML based group authorization framework. In: 2012 Second International Conference on Cloud and Green Computing (CGC), pp. 655\u2013659. IEEE, November 2012","DOI":"10.1109\/CGC.2012.38"},{"issue":"5","key":"19_CR21","doi-asserted-by":"publisher","first-page":"6","DOI":"10.1109\/MCC.2016.114","volume":"3","author":"DS Linthicum","year":"2016","unstructured":"Linthicum, D.S.: Practical use of microservices in moving workloads to the cloud. IEEE Cloud Comput. 3(5), 6\u20139 (2016)","journal-title":"IEEE Cloud Comput."},{"issue":"1","key":"19_CR22","doi-asserted-by":"publisher","first-page":"42","DOI":"10.1109\/MITP.2018.2876987","volume":"21","author":"A Nehme","year":"2019","unstructured":"Nehme, A., Jesus, V., Mahbub, K., Abdallah, A.: Securing microservices. IT Prof. 21(1), 42\u201349 (2019). \n                      https:\/\/doi.org\/10.1109\/MITP.2018.2876987","journal-title":"IT Prof."}],"container-title":["Lecture Notes in Computer Science","Foundations and Practice of Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-18419-3_19","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,20]],"date-time":"2019-05-20T10:34:16Z","timestamp":1558348456000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-18419-3_19"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030184186","9783030184193"],"references-count":22,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-18419-3_19","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"14 April 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"FPS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Symposium on Foundations and Practice of Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Montreal, QC","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Canada","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2018","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"13 November 2018","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"15 November 2018","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"11","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"fps2018","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/fps2018.encs.concordia.ca\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"easychair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"51","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"16","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"1","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"31% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"4","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}}]}}