Microservices: An Architectural Approach to Software Development; Cybersecurity Measures within Microservice Applications

Ip, Wen, School of Engineering and Applied Science, University of Virginia
Vrugtman, Rosanne, EN-Comp Science Dept, University of Virginia
Forelle, MC, Engineering and Society, University of Virginia

The implementation of microservices architectural style is being used more prominently in software development and integrated into new applications. There are many advantages to using this architecture, such as improving the scalability of an application and pairs well for product development work. However, since architecture has been recently and popularly developed, there are some disadvantages and unknown potential concerns for this architecture, such as security issues. The motivation behind creating this capstone project is through a summer internship that involved the use of microservices. The company was looking to use microservices due to their compatibility with cloud technology. The capstone project looks at reviewing the performance and implementation of microservice applications. The STS topic delves more into case studies and looking at the security concerns of these microservice applications. Often, cybersecurity measures are put as a lower priority. Through the STS research, I wish to show how the architectural choices of engineers affect users and their data. I also want to bring up that the adoption of new technology is easily accepted without looking at potential detriments before it is too late to undue damages.

Over the course of ten weeks, I worked on an application for a large banking company. The five-person development team included software engineering interns with a scrum master and product owner. The team worked in 2-week sprints using scrum methodologies. The purpose of the application we developed is to enable financial advisors to give feedback on how single-page applications are meeting their business needs. The application uses microservice architecture and can be imported into different financial advisors’ platforms as a button on the taskbar of the page.

Implementing microservices also increased management complexity and posed a challenge for the standardization of microservices across teams. My team and I explored a more efficient strategy for managing and standardizing microservices to maximize the potential of microservices in applications. The drawbacks and advantages of microservices will be used to recommend potential implementation methods for microservices that will improve software development process while using this architecture and enhance the functionality and performance of microservice applications. Microservices demonstrated that they can be easily integrated with other applications without having to create redundant code; but also showed the need for standards across software development and microservice implementations.

My STS research looks at the concern for cybersecurity within and application and how the adoption of new technology, such as microservice architecture, is prioritized over it. Microservices have lots of benefits with pairing with cloud technology, which is another popular technology that has great potential. Especially with growing tensions of cyber threats, the implementation of cybersecurity for microservice applications is an increasing need for users. With an architectural choice of an application, I want to present the concept that architectural choice of the software engineer influences the users of the applications and the security of their data. This goes into how engineers should decide design choices for application performance values, such as speed and code redundancy, that might clash with user values for privacy and security of their data. This technology directly connects to users and their data, which is closely connected to their lives, emotions, and values. Security and architecture are concepts that affect one another and are important for an engineer to determine because they affect the relationship and trust between engineers and users.

Working on both projects simultaneously has allowed me to consider engineering concepts and choices through an STS lens and vice versa. It is important to closely connect the technical and STS side of every situation and technology because engineering is the creation of tools and products that are created by and used by humans. With the complex systems we have, any piece of technology has the potential to change a person’s life for the better and worse. Analyzing different perspectives of an engineering choice from different stakeholders and bringing the STS side into technical decisions will help reveal how these systems are closely influenced by one another. The STS topic also highlighted more of the cybersecurity concerns for applications in general and how it should be more important for engineers to address cybersecurity concerns at the start of their software development process and throughout the different iterations of software development cycles.

BS (Bachelor of Science)
microservice, software, architecture, cybersecurity, security

School of Engineering and Applied Science
Bachelor of Science in Computer Science
Technical Advisor: Rosanne Vrugtman
STS Advisor: MC Forelle

Issued Date: