{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,27]],"date-time":"2026-03-27T21:06:31Z","timestamp":1774645591752,"version":"3.50.1"},"publisher-location":"Singapore","reference-count":22,"publisher":"Springer Nature Singapore","isbn-type":[{"value":"9789819672370","type":"print"},{"value":"9789819672387","type":"electronic"}],"license":[{"start":{"date-parts":[[2025,7,23]],"date-time":"2025-07-23T00:00:00Z","timestamp":1753228800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,7,23]],"date-time":"2025-07-23T00:00:00Z","timestamp":1753228800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2026]]},"DOI":"10.1007\/978-981-96-7238-7_15","type":"book-chapter","created":{"date-parts":[[2025,7,22]],"date-time":"2025-07-22T14:25:03Z","timestamp":1753194303000},"page":"182-193","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Externalized and\u00a0Decentralized Authorization of\u00a0Microservices"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0009-0000-0507-7195","authenticated-orcid":false,"given":"Niklas","family":"S\u00e4nger","sequence":"first","affiliation":[]},{"given":"Sebastian","family":"Abeck","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2025,7,23]]},"reference":[{"key":"15_CR1","doi-asserted-by":"publisher","unstructured":"Aftab, M.u., Qin, Z., Zakria, Ali, S., Pirah, Khan, J.: The evaluation and comparative analysis of role based access control and attribute based access control model. In: 2018 15th International Computer Conference on Wavelet Active Media Technology and Information Processing (ICCWAMTIP), pp. 35\u201339 (Dec 2018). https:\/\/doi.org\/10.1109\/ICCWAMTIP.2018.8632578, iSSN: 2576-8964","DOI":"10.1109\/ICCWAMTIP.2018.8632578"},{"key":"15_CR2","doi-asserted-by":"publisher","unstructured":"Berardi, D., Giallorenzo, S., Mauro, J., Melis, A., Montesi, F., Prandini, M.: Microservice security: a systematic literature review. PeerJ Comput. Sci. 7, e779 (Jan 2022). https:\/\/doi.org\/10.7717\/peerj-cs.779, https:\/\/peerj.com\/articles\/cs-779","DOI":"10.7717\/peerj-cs.779"},{"key":"15_CR3","unstructured":"Burns, B., Oppenheimer, D.: Design patterns for container-based distributed systems. In: 8th USENIX Workshop on Hot Topics in Cloud Computing (HotCloud 16) (2016)"},{"key":"15_CR4","unstructured":"Cloud Native Computing Foundation: Envoy Documentation: HTTP filters - External Authorization. https:\/\/www.envoyproxy.io\/docs\/envoy\/latest\/configuration\/http\/http_filters\/ext_authz_filter. Accessed 15 Sept 2024"},{"key":"15_CR5","unstructured":"Cloud Native Computing Foundation: Open Policy Agent: Documentation. https:\/\/www.openpolicyagent.org\/docs\/latest\/. Accessed 16 Sept 2024"},{"key":"15_CR6","unstructured":"Elliott, A., Knight, S.: Role explosion: acknowledging the problem. In: Software Engineering Research and Practice, pp. 349\u2013355 (2010)"},{"key":"15_CR7","doi-asserted-by":"publisher","unstructured":"Ghotbi, S.H., Fischer, B.: Fine-grained role- and attribute-based access control for web applications. In: Cordeiro, J., Hammoudi, S., van Sinderen, M. (eds.) Software and Data Technologies, vol.\u00a0411, pp. 171\u2013187. Springer Berlin Heidelberg, Berlin, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-45404-2_12, http:\/\/link.springer.com\/10.1007\/978-3-642-45404-2_12, series Title: Communications in Computer and Information Science","DOI":"10.1007\/978-3-642-45404-2_12"},{"key":"15_CR8","doi-asserted-by":"publisher","unstructured":"Gollmann, D.: Computer security. WIREs Comput. Stat. 2(5), 544\u2013554 (2010). https:\/\/doi.org\/10.1002\/wics.106, https:\/\/onlinelibrary.wiley.com\/doi\/abs\/10.1002\/wics.106","DOI":"10.1002\/wics.106"},{"key":"15_CR9","doi-asserted-by":"publisher","unstructured":"Hu, V.C., et al.: Guide to Attribute Based Access Control (ABAC) Definition and Considerations. Tech. Rep. NIST SP 800-162, National Institute of Standards and Technology (Jan 2014). https:\/\/doi.org\/10.6028\/NIST.SP.800-162, https:\/\/nvlpubs.nist.gov\/nistpubs\/SpecialPublications\/NIST.SP.800-162.pdf","DOI":"10.6028\/NIST.SP.800-162"},{"key":"15_CR10","doi-asserted-by":"publisher","unstructured":"Kizza, J.M.: Access control and authorization. In: Guide to Computer Network Security, pp. 185\u2013204. Springer London, London (2015). https:\/\/doi.org\/10.1007\/978-1-4471-6654-2_9, https:\/\/link.springer.com\/10.1007\/978-1-4471-6654-2_9, series Title: Computer Communications and Networks","DOI":"10.1007\/978-1-4471-6654-2_9"},{"key":"15_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"285","DOI":"10.1007\/978-3-030-18419-3_19","volume-title":"Foundations and Practice of Security","author":"A Nehme","year":"2019","unstructured":"Nehme, A., Jesus, V., Mahbub, K., Abdallah, A.: Fine-grained access control for microservices. In: Zincir-Heywood, N., Bonfante, G., Debbabi, M., Garcia-Alfaro, J. (eds.) FPS 2018. LNCS, vol. 11358, pp. 285\u2013300. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-18419-3_19"},{"key":"15_CR12","unstructured":"Newman, S.: Building microservices: designing fine-grained systems. O\u2019Reilly Media, Beijing Sebastopol, CA, first edition edn. (2015)"},{"key":"15_CR13","doi-asserted-by":"crossref","unstructured":"Ponce, F., Soldani, J., Astudillo, H., Brogi, A.: Smells and Refactorings for Microservices Security: A Multivocal Literature Review (Apr 2021). http:\/\/arxiv.org\/abs\/2104.13303, arXiv:2104.13303 [cs]","DOI":"10.1016\/j.jss.2022.111393"},{"key":"15_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"204","DOI":"10.1007\/978-3-030-91431-8_13","volume-title":"Service-Oriented Computing","author":"M Sauwens","year":"2021","unstructured":"Sauwens, M., Heydari Beni, E., Jannes, K., Lagaisse, B., Joosen, W.: ThunQ: a distributed and deep authorization middleware for early and lazy policy enforcement in microservice applications. In: Hacid, H., Kao, O., Mecella, M., Moha, N., Paik, H. (eds.) ICSOC 2021. LNCS, vol. 13121, pp. 204\u2013220. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-91431-8_13"},{"key":"15_CR15","doi-asserted-by":"publisher","unstructured":"Singh, A., Raj, V., Ravichandra, S.: Integration of Attribute-Based Access Control in Microservices Architecture. In: Tuba, M., Akashe, S., Joshi, A. (eds.) ICT Systems and Sustainability, vol.\u00a0321, pp. 681\u2013690. Springer Nature Singapore, Singapore (2022). https:\/\/doi.org\/10.1007\/978-981-16-5987-4_69, https:\/\/link.springer.com\/10.1007\/978-981-16-5987-4_69, series Title: Lecture Notes in Networks and Systems","DOI":"10.1007\/978-981-16-5987-4_69"},{"key":"15_CR16","unstructured":"Swoyer, M.: Microservices Adoption in 2020 (Jul 2020). https:\/\/www.oreilly.com\/radar\/microservices-adoption-in-2020\/"},{"key":"15_CR17","unstructured":"S\u00e4nger, N.: Evaluation data: Environment for externalized and decentralized authorization of microservices. https:\/\/doi.org\/10.35097\/5p0q6v4ws10u6ujg"},{"key":"15_CR18","unstructured":"Wiggins, A.: The Twelve-Factor App. http:\/\/12factor.net (2012)"},{"key":"15_CR19","doi-asserted-by":"publisher","unstructured":"Wohlin, C., Runeson, P., H\u00f6st, M., Ohlsson, M.C., Regnell, B., Wessl\u00e9n, A.: Experimentation in Software Engineering. Springer Berlin Heidelberg, Berlin, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-29044-2, http:\/\/link.springer.com\/10.1007\/978-3-642-29044-2","DOI":"10.1007\/978-3-642-29044-2"},{"key":"15_CR20","doi-asserted-by":"publisher","unstructured":"Yarygina, T., Bagge, A.H.: Overcoming security challenges in microservice architectures. In: 2018 IEEE Symposium on Service-Oriented System Engineering (SOSE), pp. 11\u201320 (Mar 2018). https:\/\/doi.org\/10.1109\/SOSE.2018.00011","DOI":"10.1109\/SOSE.2018.00011"},{"key":"15_CR21","doi-asserted-by":"publisher","unstructured":"Yuan, E., Tong, J.: Attributed based access control (ABAC) for web services. In: IEEE International Conference on Web Services (ICWS\u201905), pp.\u00a0569 (Jul 2005). https:\/\/doi.org\/10.1109\/ICWS.2005.25","DOI":"10.1109\/ICWS.2005.25"},{"key":"15_CR22","doi-asserted-by":"publisher","unstructured":"Zhou, X., et al.: Benchmarking microservice systems for software engineering research. In: Proceedings of the 40th International Conference on Software Engineering: Companion Proceeedings, pp. 323\u2013324. ACM, Gothenburg Sweden (May 2018). https:\/\/doi.org\/10.1145\/3183440.3194991, https:\/\/dl.acm.org\/doi\/10.1145\/3183440.3194991","DOI":"10.1145\/3183440.3194991"}],"container-title":["Lecture Notes in Computer Science","Service-Oriented Computing \u2013 ICSOC 2024 Workshops"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-981-96-7238-7_15","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,3,27]],"date-time":"2026-03-27T20:33:48Z","timestamp":1774643628000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-981-96-7238-7_15"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,7,23]]},"ISBN":["9789819672370","9789819672387"],"references-count":22,"URL":"https:\/\/doi.org\/10.1007\/978-981-96-7238-7_15","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,7,23]]},"assertion":[{"value":"23 July 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ICSOC","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Service-Oriented Computing","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Tunis","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Tunisia","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"4 December 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"7 December 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"22","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"icsoc2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/icsoc2024.redcad.tn\/index.html","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}