UrbanSec

COMPREHENSIVE SECURITY FRAMEWORK FOR MICROSERVICE ARCHITECTURE AT THE REVERSE PROXY LEVEL

What is UrbanSec?

UrbanSec is a comprehensive security framework that will secure microservice architecture at the proxy level by deploying it Alongside the microservices to be protected.

Our Domain

  Due to the several unique capabilities of microservices, they have become one of the most popular software technologies on the market. However, the unique requirements for the security of microservices are a major concern in the developing environment of the current tech market.

  The need to develop an efficient framework that will provide security from major possible attack vectors for microservice architecture-based software solutions on the Reverse proxy layer

  How to implement authentication/authorization and role-based access control on the reverse proxy level?

  How to restrict and sanitize the requests received before they reach the microservices?

  How to analyze server logs in order to identify anomalous requests and make decisions based on them?

  How to develop a tool to dynamically change user access controls in OAuth 2.0-based approaches?

  Creating an artifact that can transpile Authentication/Authorization logic,role-based access control logic, and service routing logic so that they can be handled at the proxy level alongside an injection service to update this transpiled logic without server downtime.

  Creating a real-time middleware at the proxy level that can scan through requests to ensure they match the provided specifications

  Implementing a machine learning model that will periodically analyze the proxy server logs to identify anomalous requests and developing an artifact to make access control decisions based on them

  Creating a separate microservice that can compile user-provided policies into a set of preconditions and communicate with identity providers to dynamically alter user access controls as needed

Milestones

July 2023
Project Topic Assessment

Initial topic assessment document of the proposed research was submitted for evaluation. The submitted document included a brief overview on key aspects of the proposed research along with the research problem, research objectives, overall solution as well as member task breakdown.

August 2023
Project Proposal Presentation

Presented to a panel of judges in order to provide an overview of the proposed research.

August 2023
Project Proposal Report

The submission of a report which provides an in-depth analysis pertaining to key aspects of the proposed research along with the research problem, objectives, as well as the overall proposed solution.

November 2023
Status Document 1

The submission of a document that provides an overview of key tasks conducted by members during the implementation phase of the research.

November 2023
Progress Presentation 1

Evaluation of 50% completion of the proposed solution by a panel of judges.

March 2024
Research Paper draft submission

Draft submission of the research paper submitted to the supervisor for evaluation.

March 2024
Status Document 2

The submission of a document that provides an overview of key tasks conducted by members during the implementation phase of the research.

March 2024
Progress Presentation 2

Draft submission of the research paper submitted to the supervisor for evaluation.

April 2024
Final Thesis Submission

Submission of the group and individual thesis documents for evaluation.

May 2024
Final Presentation and Viva

Final evaluation of the completed product.

June 2024
Website Assessment

Submission of research website for evaluation.

June 2024
Log Book

Submission of the research logbook which provides an overview of all key tasks conducted by members during the implementation phase of the research.

Documents

Project Proposal

Proposal Presentation



Proposal Document - IT20609658



Proposal Document - IT20633790



Proposal Document - IT20631192



Proposal Document - IT20625016



Status Document 01

IT20609658



IT20633790



IT20631192



IT20625016



Progress Presentation 01

Progress Presentation 1



Research Paper

Research Paper



Progress Presentation 02

Progress Presentation 02



Final Reports

Final Report - Team



Final Report - IT20609658



Final Report - IT20633790



Final Report - IT20631192



Final Report - IT20625016



Project Registration Documents

Topic Assessment



Tools and Technologies

React



Node JS



Python



Docker



Azure



Keycloak

MongoDB Icon

MongoDB

MongoDB Icon

Nginx

Nginx Icon

Team

Dharshana Kasthurirathna (Supervisor)



Udara Samaratunge (Co-Supervisor)



Ravindu Anjana (Lead)



Susith Rupasinghe



Sasindu Nanayakkara



Shavidini Ekanayake



Production Demo

Contact

please contact us for any clarification

[email protected]

+94 71 6689922