ECSA 2022
Mon 19 - Fri 23 September 2022 Prague, Czech Republic
Thu 22 Sep 2022 15:30 - 15:35 at S4 - Components, APIs and interface management Chair(s): Jasmin Jahic, Nuno Laranjeiro

Data transfer and exchange of information through APIs are essential for each microservice architecture. Since these transfers often include private or sensitive data, potential data leaks, either accidentally or through malicious attacks, provide a high-security risk. While there are different techniques, like using data encryption or authentication protocols to secure the data exchange, only a few strategies are known to reduce the damage when an actual data breach happens. Our work presents a novel approach to identifying the optimal amount of data attributes that need to be exchanged between APIs and minimizes the damage in case of a potential breach. Our method relies only on static source code analysis and easy-to-calculate architectural metrics, making it well suited to be used in continuous integration and deployment processes. We further verified and validated the feasibility of our approach by conducting two case studies on open-source microservice systems.

Thu 22 Sep

Displayed time zone: Belgrade, Bratislava, Budapest, Ljubljana, Prague change

15:30 - 17:00
Components, APIs and interface managementResearch Papers / Tools & Demos at S4
Chair(s): Jasmin Jahic University of Cambridge, UK, Nuno Laranjeiro University of Coimbra
Avoiding Excessive Data Exposure through Microservice APIs
Research Papers
A: Patric Genfer University of Vienna, A: Uwe Zdun University of Vienna
Documentation-as-code for Interface Control Document management in Systems of Systems: a Technical Action Research Study
Research Papers
A: H├ęctor Cadavid University of Groningen, A: Vasilios Andrikopoulos University of Groningen, A: Paris Avgeriou University of Groningen, The Netherlands
To deprecate or to simply drop operations? An empirical study on the evolution of a large OpenAPI collection
Research Papers
A: Fabio Di Lauro , A: Cesare Pautasso Software Institute, Faculty of Informatics, USI Lugano, A: souhaila serbout Software Institute @ USI
ExpressO: From Express.js implementation code to OpenAPI interface descriptions
Tools & Demos
A: Alessandro Romanelli , A: souhaila serbout Software Institute @ USI, A: Cesare Pautasso Software Institute, Faculty of Informatics, USI Lugano
A Toolchain for Simulation Component Specification and Identification
Tools & Demos
A: Sandro Koch Karlsruhe Institute of Technology (KIT)
Research Papers

Information for Participants
Thu 22 Sep 2022 15:30 - 17:00 at S4 - Components, APIs and interface management Chair(s): Jasmin Jahic, Nuno Laranjeiro
Info for session

Each paper is presented as a 5-minute pitch talk at the beginning. The rest of the session is a discussion.

Info for room S4:

After reaching the 3rd floor (either by elevator or the main staircase), turn right.