{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,18]],"date-time":"2026-03-18T22:59:43Z","timestamp":1773874783255,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":26,"publisher":"ACM","license":[{"start":{"date-parts":[[2023,5,24]],"date-time":"2023-05-24T00:00:00Z","timestamp":1684886400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100009226","name":"National Security Agency","doi-asserted-by":"publisher","award":["H98230-21-1-0155"],"award-info":[{"award-number":["H98230-21-1-0155"]}],"id":[{"id":"10.13039\/100009226","id-type":"DOI","asserted-by":"publisher"}]},{"name":"ONR","award":["N000142212084"],"award-info":[{"award-number":["N000142212084"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2023,5,24]]},"DOI":"10.1145\/3589608.3594742","type":"proceedings-article","created":{"date-parts":[[2023,5,24]],"date-time":"2023-05-24T22:15:11Z","timestamp":1684966511000},"page":"157-162","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":13,"title":["Sidecar-based Path-aware Security for Microservices"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0006-0673-711X","authenticated-orcid":false,"given":"Catherine","family":"Meadows","sequence":"first","affiliation":[{"name":"George Washington University, Washington, DC, DC, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4187-6135","authenticated-orcid":false,"given":"Sena","family":"Hounsinou","sequence":"additional","affiliation":[{"name":"University of Colorado Colorado Springs, Colorado Springs, CO, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6728-4197","authenticated-orcid":false,"given":"Timothy","family":"Wood","sequence":"additional","affiliation":[{"name":"George Washington University, Washington, DC, DC, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5677-7092","authenticated-orcid":false,"given":"Gedare","family":"Bloom","sequence":"additional","affiliation":[{"name":"University of Colorado Colorado Springs, Colorado Springs , CO, USA"}]}],"member":"320","published-online":{"date-parts":[[2023,5,24]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/3106237.3106267"},{"key":"e_1_3_2_1_2_1","volume-title":"Istio: Up and running: Using a service mesh to connect, secure, control, and observe","author":"Calcote Lee","year":"2019","unstructured":"Lee Calcote and Zack Butcher. 2019. Istio: Up and running: Using a service mesh to connect, secure, control, and observe. O'Reilly Media."},{"key":"e_1_3_2_1_3_1","first-page":"800","article-title":"Microservices-based application systems","volume":"800","author":"Chandramouli Ramaswamy","year":"2019","unstructured":"Ramaswamy Chandramouli. 2019. Microservices-based application systems. NIST Special Publication 800, 204 (2019), 800--204.","journal-title":"NIST Special Publication"},{"key":"e_1_3_2_1_4_1","volume-title":"Practical Microservices Architectural Patterns: Event- Based Java Microservices with Spring Boot and Spring Cloud","author":"Christudas Binildas","unstructured":"Binildas Christudas. 2019. Practical Microservices Architectural Patterns: Event- Based Java Microservices with Spring Boot and Spring Cloud. Apress."},{"key":"e_1_3_2_1_5_1","volume-title":"Accessed","author":"Dissanayake Nishu","year":"2021","unstructured":"Nishu Dissanayake. 2021. Handling Cross-Cutting Concerns in Microservices: The Sidecar Pattern. https:\/\/blog.bitsrc.io\/handling-cross-cutting-concerns-in- microservices-the-sidecar\\-pattern-59890fe3dc0f. Accessed: March 21, 2023."},{"key":"e_1_3_2_1_6_1","volume-title":"Manuel Mazzara, Fabrizio Montesi, Ruslan Mustafin, and Larisa Safina.","author":"Dragoni Nicola","year":"2017","unstructured":"Nicola Dragoni, Saverio Giallorenzo, Alberto Lluch Lafuente, Manuel Mazzara, Fabrizio Montesi, Ruslan Mustafin, and Larisa Safina. 2017. Microservices: yes- terday, today, and tomorrow. Present and ulterior software engineering (2017), 195--216."},{"key":"e_1_3_2_1_7_1","unstructured":"Envoy Proxy 2023. Envoy Proxy - Home. https:\/\/www.envoyproxy.io\/. (Accessed on 02\/10\/2023)."},{"key":"e_1_3_2_1_8_1","unstructured":"ESLint 2018. ESLint. https:\/\/eslint.org\/blog\/2018\/07\/postmortem-for-malicious- package-publishes\/"},{"key":"e_1_3_2_1_9_1","volume-title":"Investigating the reproducibility of npm packages. In 2020 IEEE International Con- ference on Software Maintenance and Evolution (ICSME)","author":"Goswami Pronnoy","unstructured":"Pronnoy Goswami, Saksham Gupta, Zhiyuan Li, Na Meng, and Daphne Yao. 2020. Investigating the reproducibility of npm packages. In 2020 IEEE International Con- ference on Software Maintenance and Evolution (ICSME). IEEE, Adelaide, Australia, 677--681."},{"key":"e_1_3_2_1_10_1","unstructured":"Ronen Heled. 2005. HTTP REQUEST SMUGGLING."},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/3412841.3442036"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/INFOCOM.2018.8486369"},{"key":"e_1_3_2_1_13_1","volume-title":"23rd International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2020","author":"Koishybayev Igibek","year":"2020","unstructured":"Igibek Koishybayev and Alexandros Kapravelos. 2020. Mininode: Reducing the Attack Surface of Node.js Applications. In 23rd International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2020). USENIX Association, San Sebastian, 121--134. https:\/\/www.usenix.org\/conference\/raid2020\/presentation\/ koishybayev"},{"key":"e_1_3_2_1_14_1","volume-title":"Proceedings of the 29th USENIX Conference on Security Symposium. 541--558","author":"Legner Markus","year":"2020","unstructured":"Markus Legner, Tobias Klenze, Marc Wyss, Christoph Sprenger, and Adrian Perrig. 2020. EPIC: Every packet is checked in the data plane of a path-aware Internet. In Proceedings of the 29th USENIX Conference on Security Symposium. 541--558."},{"key":"e_1_3_2_1_15_1","unstructured":"Tim McLean. 2020. Critical vulnerabilities in JSON Web Token libraries. https:\/\/ auth0.com\/blog\/critical-vulnerabilities-in-json-web-token-libraries\/. (Accessed on 02\/16\/2023)."},{"key":"e_1_3_2_1_16_1","volume-title":"Building microservices. \"O'Reilly Media","author":"Newman Sam","unstructured":"Sam Newman. 2021. Building microservices. \"O'Reilly Media, Inc.\"."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3354215"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.jisa.2021.102752"},{"key":"e_1_3_2_1_19_1","volume-title":"2018 14th International Conference on Network and Service Management (CNSM). IEEE","author":"Pahl Marc-Oliver","year":"2018","unstructured":"Marc-Oliver Pahl and Fran\u00e7ois-Xavier Aubet. 2018. All eyes on you: Distributed Multi-Dimensional IoT microservice anomaly detection. In 2018 14th International Conference on Network and Service Management (CNSM). IEEE, Rome, Italy, 72--80."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1109\/NOMS.2018.8406118"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/NOMS.2018.8406189"},{"key":"e_1_3_2_1_22_1","volume-title":"Microservices in practice, part 1: Reality check and service design","author":"Pautasso Cesare","year":"2017","unstructured":"Cesare Pautasso, Olaf Zimmermann, Mike Amundsen, James Lewis, and Nicolai Josuttis. 2017. Microservices in practice, part 1: Reality check and service design. IEEE software 34, 01 (2017), 91--98."},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/3532105.3535036"},{"key":"e_1_3_2_1_24_1","unstructured":"Ekaterina Shmeleva et al. 2020. How Microservices are Changing the Security Landscape. Aalto University Espoo Finland."},{"key":"e_1_3_2_1_25_1","volume-title":"February","author":"Statistics Usage","year":"2023","unstructured":"Usage Statistics and Market Share of Node.js [n. d.]. Usage Statistics and Market Share of Node.js, February 2023. https:\/\/w3techs.com\/technologies\/details\/ws-nodejs. (Accessed on 02\/14\/2023)."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/2901739.2901743"}],"event":{"name":"SACMAT '23: The 28th ACM Symposium on Access Control Models and Technologies","location":"Trento Italy","acronym":"SACMAT '23","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 28th ACM Symposium on Access Control Models and Technologies"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3589608.3594742","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3589608.3594742","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3589608.3594742","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T00:03:45Z","timestamp":1750291425000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3589608.3594742"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,5,24]]},"references-count":26,"alternative-id":["10.1145\/3589608.3594742","10.1145\/3589608"],"URL":"https:\/\/doi.org\/10.1145\/3589608.3594742","relation":{},"subject":[],"published":{"date-parts":[[2023,5,24]]},"assertion":[{"value":"2023-05-24","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}