A generic performance-centric design of authentication and authorization within a microservice architecture

Other Title(s)

تصميم عام متمحور حول الأداء للمصادقة و منح الصلاحيات في المعمارية المعتمدة على الخدمات المصغرة

Dissertant

al-Wadi, Randah Ahmad

Thesis advisor

al-Maayitah, Adi Abd al-Halim

University

Isra University

Faculty

Faculty of Information Technology

Department

Department Software Engineering

University Country

Jordan

Degree

Master

Degree Date

2022

English Abstract

Appealing provided functionalities by a system may be frustrating to users if quality attributes are neglected.

As an example, a microservice-based system may have great characteristics but suffers from security and performance problems which are considered very important quality criteria for users.

Security and performance are contradictory nonfunctional requirements, so a reasonable trade-off must be applied to fulfill both.

One way to enforce an appropriate balance between them is the selection of the correct architectural design decisions.

In this research, two microservice-based architectural designs with integrated authentication and authorization features are proposed based on best practices as well as tests that were conducted for performance which are, specifically, single-user performance tests.

In order to suggest these two designs, the literature was searched first for contributions from researchers and practitioners in the field to be built on top of them.

Then, a series of experimental phases were followed.

The experimental phases of the research included implementing the first microservice architecture and analyzing the performance level, in terms of response time, for its authentication and role-based authorization features using both the Structured Query Language (SQL) and non SQL (NoSQL) database technologies.

After that, implementing the second microservice architecture, which reflects organizational structures, and making an identical analysis for its permission-based authorization characteristic and for the relocation procedure of users within organizational trees.

And finally, documenting the obtained results, analyzing them deeply, and make an interpretation, and then, transforming them into architectural design decisions.

The conducted tests on the two microservice architectures were concentrated, essentially, on specifying the most suitable database technology, i.e., SQL or NoSQL, to accompany their authentication and authorization features’ microservices.

The results of these tests encouraged employing NoSQL databases with small microservice-based systems and SQL ones with medium to large ones in order to perform password-based authentication.

But, indicated that there is no difference between them in the role-based authorization process.

In addition, within the context of organizational structures, they showed that using the SQL technology provides a better performance level in completing the permission-based authorization procedure as well as the relocation action of employees.

Main Subjects

Information Technology and Computer Science

No. of Pages

99

Table of Contents

• APA
• MLA
• AMA

Language

English

Data Type

Arab Theses

Record ID

BIM-1414477