A Fully Decentralized Architecture for Access Control Verification in Serverless Environments

Sabbioni Andrea; Mazzocca Carlo; Colajanni Michele; Montanari Rebecca; Corradi Antonio
2022

Abstract

Serverless computing is a novel paradigm that has been widely adopted in recent years across many sectors due to its fine-grained scalability and fast time-to-market. This paradigm aims to relieve users of burdensome tasks, including those related to authentication and authorization. However, existing security mechanisms provided by cloud providers do not seem to be adequate to completely secure serverless platforms. In particular, typical access control solutions either rely on centralized authorization services or implement access control verification within the business logic. These approaches, respectively, degrade system performance and lead to security issues derived from the tight coupling between code and authorization verification. In this paper, we present a solution to address these problems with a fully decentralized architecture integrating access control verification in serverless environments. We implemented a prototype of the proposed architecture and evaluated its performance under different load conditions. Experiments show that our proposal outperforms other approaches.
2022 IEEE Symposium on Computers and Communications (ISCC), pp. 1-6
Use this identifier to cite or link to this document: https://hdl.handle.net/11585/899312