
Formalising Privacy-Preserving Constraints in Microservices Architecture

  • Conference paper
Formal Methods and Software Engineering (ICFEM 2020)

Part of the book series: Lecture Notes in Computer Science (LNPSE, volume 12531)

Abstract

Microservices is an architectural style that promotes structuring an application as a collection of loosely coupled, fine-grained services. Since each microservice typically accesses different data, it is hard, when composing complex applications, to monitor which data are accessed across the entire application workflow. This raises serious concerns about privacy protection, especially in domains such as health care. In this paper, we propose a formal Event-B based approach to analysing privacy preservation constraints in applications developed in the microservices architectural style.



Author information

Corresponding author

Correspondence to Elena Troubitsyna.

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Cite this paper

Vistbakka, I., Troubitsyna, E. (2020). Formalising Privacy-Preserving Constraints in Microservices Architecture. In: Lin, SW., Hou, Z., Mahony, B. (eds) Formal Methods and Software Engineering. ICFEM 2020. Lecture Notes in Computer Science, vol 12531. Springer, Cham. https://doi.org/10.1007/978-3-030-63406-3_19

  • DOI: https://doi.org/10.1007/978-3-030-63406-3_19

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-63405-6

  • Online ISBN: 978-3-030-63406-3

  • eBook Packages: Computer Science, Computer Science (R0)
