由於微服務將系統拆解成多個獨立的模組，行程間的通訊成為了服務模組間的通訊，擴大了系統的可攻擊面。若服務模組間相互通訊並且無條件信任，每次發起請求或接受請求都不對訊息來源進行確認。在這種信任關係下，服務模組容易被攻擊者利用。
為避免服務模組間的信任關係被利用，被攻陷的服務作為跳板導致威脅迅速擴展。本論文提出「以微服務為基礎的動態情境感知細粒度存取控制框架」，該框架針對服務模組間的訪問控制進行改善。以零信賴（Zero Trust）安全模型作為服務間存取控制設計目標，依據使用者與服務的情境（Context）資訊進行動態存取控制決策。在系統架構的設計上，該框架獨立於微服務程式碼，並且執行實時安全策略更新機制。本研究依據服務數量與安全策略數量進行效能分析，實驗結果呈現在非極端的情況下，該框架能夠於0.1毫秒內完成存取控制驗證。

Microservice architecture to break up a system into independent module and thus to expanded the attack surface of the system. Communication between processes converted to between services module. If the modules communicate with each other and trust unconditionally, the source of the message is not confirmed when a request is initiated or accepted. Attacker used vulnerabilities to destroy the system.
To avoid microservices module are exploited by unauthorized person. This thesis design inter-service access control based on zero trust networks. This thesis proposes a dynamic context-aware fine-grained access control framework based on microservice. The purpose of the framework to improve access control issues in microservice systems to prevent compromised microservices as a relay node to cause threats to expand rapidly. To achieve our design target of inter-service access control of the zero trust security model, this study will implement dynamic access control decisions based on the context information of users and services. In the aspect of system architecture, the framework proposed in this study is independent of microservice code and implements a real-time security policy update mechanism. This thesis conducts performance analysis based on the number of services and the number of security policies. According to the experimental results, the access control verification is completed within 0.1 milliseconds under non-extreme conditions.

摘要 I
ABSTRACT II
誌謝 III
TABLE OF CONTENTS IV
LIST OF TABLES VII
LIST OF FIGURES VIII
CHAPTER 1 INTRODUCTION 1
1.1 BACKGROUND 1
1.2 MOTIVATION AND CONTRIBUTION 2
1.3 SEQUENCES OF CHAPTERS 4
CHAPTER 2 PRELIMINARIES 6
2.1 MICROSERVICE ARCHITECTURE 6
2.2 CONTAINER TECHNOLOGY 9
2.3 CONTAINER ORCHESTRATION PLATFORMS 12
2.3.1 Kubernetes 12
2.3.2 Service Meshes 21
2.4 ADVANCED MESSAGE QUEUING PROTOCOL 22
2.5 DATALOG 27
CHAPTER 3 LITERATURE REVIEW 29
3.1 TRADITIONAL ACCESS CONTROL 29
3.2 ACCESS CONTROL WITH MICROSERVICE 32
3.2.1 Edge-Level Access Control 33
3.2.2 Service-Level Access Control 34
3.2.3 External Entity Identity Propagation 41
3.3 CONTEXT-AWARE ACCESS CONTROL 42
3.4 CONTAINER SECURITY 43
CHAPTER 4 PROPOSED FRAMEWORK 45
4.1 ARCHITECTURE OVERVIEW 45
4.2 ATTACKER MODEL 49
4.3 SECURITY POLICY 56
4.4 SECURITY POLICY REGISTRATION 57
4.4.1 Service List 61
4.4.2 Policy repository 62
4.4.3 Policy information datastore 64
4.5 DYNAMIC ACCESS CONTROL IN MICROSERVICE 67
4.6 SECURITY POLICY UPDATE 70
4.7 PRIVILEGE CHECK IN CONTAINER 73
4.7.1 Source Check 74
4.7.2 Privilege Check 75
4.7.3 Deploy Key Check 75
CHAPTER 5 EXPERIMENT AND ANALYSIS 77
5.1 EXPERIMENTAL ENVIRONMENTS 77
5.1.1 Preparation of experiment 78
5.2 EXPERIMENTAL FOR ACCESS CONTROL BETWEEN TWO SERVICE 78
5.2.1 Scenario Description 78
5.2.2 Experiment set up 79
5.2.3 Process of Experiment 86
5.2.4 Result of Experiment 90
5.3 EXPERIMENTAL FOR ACCESS CONTROL BETWEEN THREE SERVICE 91
5.3.1 Scenario Description 91
5.3.2 Experiment set up 91
5.3.3 Process of Experiment 99
5.3.4 Result of Experiment 103
5.4 EXPERIMENTAL FOR CONTAINER PRIVILEGE CHECK 103
5.4.1 The legitimacy of the source of the image 103
5.4.2 Container privilege check 104
5.4.3 Pod specific label check 105
5.4.4 Result of Experiment 106
5.5 PERFORMANCE ANALYSIS 107
5.5.1 Privilege Check 107
5.5.2 Security policy generation 109
5.5.3 Security policy verification 111
CHAPTER 6 CONCLUSION 115
REFERENCE 117

[1] Cerny, T., Donahoo, M. J., & Trnka, M. (2018). Contextual understanding of microservice architecture: current and future directions. ACM SIGAPP Applied Computing Review, 17(4), 29-45.
[2] Shadija, D., Rezai, M., & Hill, R. (2017, September). Towards an understanding of microservices. In 2017 23rd International Conference on Automation and Computing (ICAC) (pp. 1-6). IEEE.
[3] Yarygina, T., & Bagge, A. H. (2018, March). Overcoming security challenges in microservice architectures. In 2018 IEEE Symposium on Service-Oriented System Engineering (SOSE) (pp. 11-20). IEEE.
[4] Richardson C., Smith F. (2016). Microservices from Design to Deployment. NGINX.
[5] Microsoft. (2017a). Containerized Microservices. Available at: https://docs.mi- crosoft.com/en-us/xamarin/xamarin-forms/enterprise-application-patterns/containerized-microservices
[6] Dragoni, N., Giallorenzo, S., Lafuente, A. L., Mazzara, M., Montesi, F., Mustafin, R., & Safina, L. (2017). Microservices: yesterday, today, and tomorrow. Present and ulterior software engineering, 195-216.
[7] Newman, S. (2015). Building microservices: designing fine-grained systems. " O'Reilly Media, Inc.".
[8] Networking, C. V. (2016). Cisco global cloud index: Forecast and methodology, 2015-2020. white paper. Cisco Public, San Jose.
[9] Preuveneers, D., & Joosen, W. (2017). Access control with delegated authorization policy evaluation for data-driven microservice workflows. Future Internet, 9(4), 58.
[10] Kayes, A. S. M., Rahayu, W., Watters, P., Alazab, M., Dillon, T., & Chang, E. (2020). Achieving security scalability and flexibility using fog-based context-aware access control. Future Generation Computer Systems, 107, 307-323.
[11] Jander, K., Braubach, L., & Pokahr, A. (2018). Defense-in-depth and role authentication for microservice systems. Procedia computer science, 130, 456-463.
[12] Birgisson, A., Politz, J. G., Erlingsson, U., Taly, A., Vrable, M., & Lentczner, M. (2014). Macaroons: Cookies with contextual caveats for decentralized authorization in the cloud.
[13] Arfaoui, A., Boudia, O. R. M., Kribeche, A., Senouci, S. M., & Hamdi, M. (2020). Context-aware access control and anonymous authentication in WBAN. Computers & Security, 88, 101496.
[14] Gilman, E., & Barth, D. (2017). Zero Trust Networks. O'Reilly Media, Incorporated.
[15] Cunningham, C., Holmes, D., Pollard, J., & Their, D. N. A. (2019). The eight business and security benefits of zero trust. 2019.
[16] Petersen, K., Vakkalanka, S., & Kuzniarz, L. (2015). Guidelines for conducting systematic mapping studies in software engineering: An update. Information and Software Technology, 64, 1-18.
[17] Dragoni, N., Giallorenzo, S., Lafuente, A. L., Mazzara, M., Montesi, F., Mustafin, R., & Safina, L. (2017). Microservices: yesterday, today, and tomorrow. Present and ulterior software engineering, 195-216.
[18] Mazlami, G., Cito, J., & Leitner, P. (2017, June). Extraction of microservices from monolithic software architectures. In 2017 IEEE International Conference on Web Services (ICWS) (pp. 524-531). IEEE.
[19] Bucchiarone, A., Dragoni, N., Dustdar, S., Larsen, S. T., & Mazzara, M. (2018). From monolithic to microservices: An experience report from the banking domain. Ieee Software, 35(3), 50-55.
[20] Levcovitz, A., Terra, R., & Valente, M. T. (2016). Towards a technique for extracting microservices from monolithic enterprise systems. arXiv preprint arXiv:1605.03175.
[21] Chen, R., Li, S., & Li, Z. (2017, December). From monolith to microservices: A dataflow-driven approach. In 2017 24th Asia-Pacific Software Engineering Conference (APSEC) (pp. 466-475). IEEE.
[22] Dragoni, N., Lanese, I., Larsen, S. T., Mazzara, M., Mustafin, R., & Safina, L. (2017, June). Microservices: How to make your application scale. In International Andrei Ershov Memorial Conference on Perspectives of System Informatics (pp. 95-104). Springer, Cham.
[23] Pahl, C., & Jamshidi, P. (2016, April). Microservices: A Systematic Mapping Study. In CLOSER (1) (pp. 137-146).
[24] Taibi, D., Lenarduzzi, V., & Pahl, C. (2018, March). Architectural Patterns for Microservices: A Systematic Mapping Study. In CLOSER (pp. 221-232).
[25] Alshuqayran, N., Ali, N., & Evans, R. (2016, November). A systematic mapping study in microservice architecture. In 2016 IEEE 9th International Conference on Service-Oriented Computing and Applications (SOCA) (pp. 44-51). IEEE.
[26] Aderaldo, C. M., Mendonça, N. C., Pahl, C., & Jamshidi, P. (2017, May). Benchmark requirements for microservices architecture research. In 2017 IEEE/ACM 1st International Workshop on Establishing the Community-Wide Infrastructure for Architecture-Based Software Engineering (ECASE) (pp. 8-13). IEEE.
[27] Newman, S. (2015). Building microservices: designing fine-grained systems. " O'Reilly Media, Inc.".
[28] Jaramillo, D., Nguyen, D. V., & Smart, R. (2016, March). Leveraging microservices architecture by using Docker technology. In SoutheastCon 2016 (pp. 1-5). IEEE.
[29] Taleb, T., Samdanis, K., Mada, B., Flinck, H., Dutta, S., & Sabella, D. (2017). On multi-access edge computing: A survey of the emerging 5G network edge cloud architecture and orchestration. IEEE Communications Surveys & Tutorials, 19(3), 1657-1681.
[30] Kayal, P. (2020, June). Kubernetes in Fog Computing: Feasibility Demonstration, Limitations and Improvement Scope. In 2020 IEEE 6th World Forum on Internet of Things (WF-IoT) (pp. 1-6). IEEE.
[31] Habbal, N. (2020). Enhancing Availability of Microservice Architecture: A Case Study on Kubernetes Security Configurations.
[32] Miell, I., & Sayers, A. (2019). Docker in practice. Simon and Schuster.
[33] Singh, V., & Peddoju, S. K. (2017, May). Container-based microservice architecture for cloud applications. In 2017 International Conference on Computing, Communication and Automation (ICCCA) (pp. 847-852). IEEE.
[34] Kang, H., Le, M., & Tao, S. (2016, April). Container and microservice driven design for cloud infrastructure devops. In 2016 IEEE International Conference on Cloud Engineering (IC2E) (pp. 202-211). IEEE.
[35] Amaral, M., Polo, J., Carrera, D., Mohomed, I., Unuvar, M., & Steinder, M. (2015, September). Performance evaluation of microservices architectures using containers. In 2015 IEEE 14th International Symposium on Network Computing and Applications (pp. 27-34). IEEE.
[36] Jaramillo, D., Nguyen, D. V., & Smart, R. (2016, March). Leveraging microservices architecture by using Docker technology. In SoutheastCon 2016 (pp. 1-5). IEEE.
[37] Stubbs, J., Moreira, W., & Dooley, R. (2015, June). Distributed systems of microservices using docker and serfnode. In 2015 7th International Workshop on Science Gateways (pp. 34-39). IEEE.
[38] Alam, M., Rufino, J., Ferreira, J., Ahmed, S. H., Shah, N., & Chen, Y. (2018). Orchestration of microservices for iot using docker and edge computing. IEEE Communications Magazine, 56(9), 118-123.
[39] Sysdig. (2019). A container usage report conducted in 2019 by Sysdig. Available at: https://sysdig.com/blog/sysdig-2019-container-usage-report.
[40] Vayghan, L. A., Saied, M. A., Toeroe, M., & Khendek, F. (2018, July). Deploying microservice based applications with Kubernetes: experiments and lessons learned. In 2018 IEEE 11th international conference on cloud computing (CLOUD) (pp. 970-973). IEEE.
[41] Burns, B., Grant, B., Oppenheimer, D., Brewer, E., & Wilkes, J. (2016). Borg, Omega, and Kubernetes: Lessons learned from three container-management systems over a decade. Queue, 14(1), 70-93.
[42] Bernstein, D. (2014). Containers and cloud: From lxc to docker to kubernetes. IEEE Cloud Computing, 1(3), 81-84.
[43] Moyer, F. (2018). Comprehensive container-based service monitoring with Kubernetes and Istio.
[44] Sayfan, G. (2017). Mastering kubernetes. Packt Publishing Ltd.
[45] Li, W., Lemieux, Y., Gao, J., Zhao, Z., & Han, Y. (2019, April). Service mesh: Challenges, state of the art, and future research opportunities. In 2019 IEEE International Conference on Service-Oriented System Engineering (SOSE) (pp. 122-1225). IEEE.
[46] Chandramouli, R., & Butcher, Z. (2020). Building secure microservices-based applications using service-mesh architecture. NIST Special Publication, 800, 204A.
[47] Jamshidi, P., Pahl, C., Mendonça, N. C., Lewis, J., & Tilkov, S. (2018). Microservices: The journey so far and challenges ahead. IEEE Software, 35(3), 24-35.
[48] Kang, M., Shin, J. S., & Kim, J. (2019, January). Protected coordination of service mesh for container-based 3-tier service traffic. In 2019 International Conference on Information Networking (ICOIN) (pp. 427-429). IEEE.
[49] Dab, B., Fajjari, I., Rohon, M., Auboin, C., & Diquélou, A. (2020, June). Cloud-native service function chaining for 5G based on network service mesh. In ICC 2020-2020 IEEE International Conference on Communications (ICC) (pp. 1-7). IEEE.
[50] Hong, X. J., Yang, H. S., & Kim, Y. H. (2018, October). Performance analysis of RESTful API and RabbitMQ for microservice web application. In 2018 International Conference on Information and Communication Technology Convergence (ICTC) (pp. 257-259). IEEE.
[51] Ma, S. P., Liu, I. H., Chen, C. Y., Lin, J. T., & Hsueh, N. L. (2019, December). Version-based microservice analysis, monitoring, and visualization. In 2019 26th Asia-Pacific Software Engineering Conference (APSEC) (pp. 165-172). IEEE.
[52] Green, T. J., Huang, S. S., Loo, B. T., & Zhou, W. (2013). Datalog and recursive query processing. Now Publishers.
[53] Dian, N., Yesi, N. K., & Rusmala, S. (2013). Single Sign On (Sso) Dengan Menggunakan Lightweight Directory Access Protocol (Ldap) Studi Kasus Di Universitas Bina Darma. JURNAL MAHASISWA TI S1.
[54] Selvi, R. K., & Kavitha, V. (2012). Authentication in grid security infrastructure-survey. Procedia Engineering, 38, 4030-4036.
[55] Patanjali, S., Truninger, B., Harsh, P., & Bohnert, T. M. (2015, July). Cyclops: a micro service based approach for dynamic rating, charging & billing for cloud. In 2015 13th International Conference on Telecommunications (ConTEL) (pp. 1-8). IEEE.
[56] Li, W., & Mitchell, C. J. (2016, July). Analysing the Security of Google’s implementation of OpenID Connect. In International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (pp. 357-376). Springer, Cham.
[57] Bu, K., Xiao, B., & Qian, Y. (2017). High performance and security in cloud computing.
[58] Lu, D., Huang, D., Walenstein, A., & Medhi, D. (2017, April). A secure microservice framework for iot. In 2017 IEEE Symposium on Service-Oriented System Engineering (SOSE) (pp. 9-18). IEEE.
[59] Hu, V. C., Ferraiolo, D., Kuhn, R., Friedman, A. R., Lang, A. J., Cogdell, M. M., ... & Scarfone, K. (2013). Guide to attribute based access control (ABAC) definition and considerations (draft). NIST special publication, 800(162).
[60] Chandramouli, R., & Butcher, Z. (2020). Building secure microservices-based applications using service-mesh architecture. NIST Special Publication, 800, 204A.
[61] Bánáti, A., Kail, E., Karóczkai, K., & Kozlovszky, M. (2018, May). Authentication and authorization orchestrator for microservice-based software architectures. In 2018 41st International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO) (pp. 1180-1184). IEEE.
[62] Barabanov, A., Markov, A., Fadin, A., Tsirlov, V., & Shakhalov, I. (2015, September). Synthesis of secure software development controls. In Proceedings of the 8th International Conference on Security of Information and Networks (pp. 93-97).
[63] Pereira-Vale, A., Márquez, G., Astudillo, H., & Fernandez, E. B. (2019). Security mechanisms used in microservices-based systems: A systematic mapping. In 2019 XLV Latin American Computing Conference (CLEI) (pp. 01-10). IEEE.
[64] Fu, G., Sun, J., & Zhao, J. (2018, October). An optimized control access mechanism based on micro-service architecture. In 2018 2nd IEEE Conference on Energy Internet and Energy System Integration (EI2) (pp. 1-5). IEEE.
[65] Li, X., Chen, Y., & Lin, Z. (2019, August). Towards automated inter-service authorization for microservice applications. In Proceedings of the ACM SIGCOMM 2019 Conference Posters and Demos (pp. 3-5).
[66] Nehme, A., Jesus, V., Mahbub, K., & Abdallah, A. (2018, November). Fine-grained access control for microservices. In International Symposium on Foundations and Practice of Security (pp. 285-300). Springer, Cham.
[67] Preuveneers, D., & Joosen, W. (2019, June). Towards multi-party policy-based access control in federations of cloud and edge microservices. In 2019 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW) (pp. 29-38). IEEE.
[68] Brady S., Delegation Patterns for OAuth 2.0. Available at https://www.scottbrady91.com/OAuth/Delegation-Patterns-for-OAuth-20
[69] Yarygina, T., & Bagge, A. H. (2018, March). Overcoming security challenges in microservice architectures. In 2018 IEEE Symposium on Service-Oriented System Engineering (SOSE) (pp. 11-20). IEEE.
[70] Christudas, B. (2019). Microservices Security. In Practical Microservices Architectural Patterns (pp. 733-777). Apress, Berkeley, CA.
[71] Barabanov, A., Markov, A., & Tsirlov, V. (2016, May). Procedure for substantiated development of measures to design secure software for automated process control systems. In 2016 International Siberian Conference on Control and Communications (SIBCON) (pp. 1-4). IEEE.
[72] Hussain, F., Li, W., Noye, B., Sharieh, S., & Ferworn, A. (2019, October). Intelligent Service Mesh Framework for API Security and Management. In 2019 IEEE 10th Annual Information Technology, Electronics and Mobile Communication Conference (IEMCON) (pp. 0735-0742). IEEE.
[73] Dey, A. K. (2001). Understanding and using context. Personal and ubiquitous computing, 5(1), 4-7.
[74] Dey, A. K., Abowd, G. D., & Salber, D. (2001). A conceptual framework and a toolkit for supporting the rapid prototyping of context-aware applications. Human–Computer Interaction, 16(2-4), 97-166.
[75] Ferraiolo, D., Kuhn, D. R., & Chandramouli, R. (2003). Role-based access control. Artech House.
[76] Kuhn, D. R., Coyne, E. J., & Weil, T. R. (2010). Adding attributes to role-based access control. Computer, 43(6), 79-81.
[77] Sandhu, R. S., & Samarati, P. (1994). Access control: principle and practice. IEEE communications magazine, 32(9), 40-48.
[78] O'Connor, A., & Loomis, R. (2010). Economic analysis of role-based access control (No. RTI Project Number 0211876, pp. 132-132). RTI International.
[79] Ferraiolo, D. F., Sandhu, R., Gavrila, S., Kuhn, D. R., & Chandramouli, R. (2001). Proposed NIST standard for role-based access control. ACM Transactions on Information and System Security (TISSEC), 4(3), 224-274.
[80] Corradi, A., Montanari, R., & Tibaldi, D. (2004, September). Context-based access control for ubiquitous service provisioning. In Proceedings of the 28th Annual International Computer Software and Applications Conference, 2004. COMPSAC 2004. (pp. 444-451). IEEE.
[81] Bertino, E., Bonatti, P. A., & Ferrari, E. (2000, July). TRBAC: A temporal role-based access control model. In Proceedings of the fifth ACM workshop on Role-based access control (pp. 21-30).
[82] Joshi, J. B., Bertino, E., Latif, U., & Ghafoor, A. (2005). A generalized temporal role-based access control model. IEEE transactions on knowledge and data engineering, 17(1), 4-23.
[83] Damiani, M. L., Bertino, E., Catania, B., & Perlasca, P. (2007). GEO-RBAC: a spatially aware RBAC. ACM Transactions on Information and System Security (TISSEC), 10(1), 2-es.
[84] Chandran, S. M., & Joshi, J. B. (2005, November). LoT-RBAC: A location and time-based RBAC model. In International Conference on Web Information Systems Engineering (pp. 361-375). Springer, Berlin, Heidelberg.
[85] Trnka, M., & Cerny, T. (2016, April). On security level usage in context-aware role-based access control. In Proceedings of the 31st Annual ACM Symposium on Applied Computing (pp. 1192-1195).
[86] Hosseinzadeh, S., Virtanen, S., Díaz-Rodríguez, N., & Lilius, J. (2016, June). A semantic security framework and context-aware role-based access control ontology for smart spaces. In Proceedings of the International Workshop on Semantic Big Data (pp. 1-6).
[87] Downer, K., & Bhattacharya, M. (2015, December). BYOD security: A new business challenge. In 2015 IEEE International Conference on Smart City/SocialCom/SustainCom (SmartCity) (pp. 1128-1133). IEEE.
[88] Kang, D., Oh, J., & Im, C. (2014, August). Context based smart access control on BYOD environments. In International Workshop on Information Security Applications (pp. 165-176). Springer, Cham.
[89] Kang, Q., Xue, L., Morrison, A., Tang, Y., Chen, A., & Luo, X. (2020). Programmable In-Network Security for Context-aware {BYOD} Policies. In 29th {USENIX} Security Symposium ({USENIX} Security 20) (pp. 595-612).
[90] Palanisamy, R., Norman, A. A., & Mat Kiah, M. L. (2020). BYOD policy compliance: Risks and strategies in organizations. Journal of Computer Information Systems, 1-12.
[91] Jamal, F., Taufik, M., Abdullah, A. A., & Hanapi, Z. M. (2020, April). A Systematic Review Of Bring Your Own Device (BYOD) Authentication Technique. In Journal of Physics: Conference Series (Vol. 1529, No. 4, p. 042071). IOP Publishing.
[92] Shu, R., Gu, X., & Enck, W. (2017, March). A study of security vulnerabilities on docker hub. In Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy (pp. 269-280).
[93] Gummaraju, J., Desikan, T., & Turner, Y. (2015). Over 30% of official images in docker hub contain high priority security vulnerabilities. Technical Report, Banyan Ops.
[94] Sultan, S., Ahmad, I., & Dimitriou, T. (2019). Container security: Issues, challenges, and the road ahead. IEEE Access, 7, 52976-52996.

[95] Bu, K., Xiao, B., & Qian, Y. (2017). High performance and security in cloud computing.