Modelagem de arquitetura baseada em microsserviços com foco em segurança

Abstract

Data are key players in the Fourth Industrial Revolution as they enable the digital world to become increasingly connected and intelligent. Among the various types of data, personal and sensitive data demand greater caution throughout the treatment due to the information they can reveal. In this context, it is urgent to consider the negative impacts of data leakage and theft by cyber criminals, which, in addition to the legal and juridical implications resulting from laws such as the Brazilian General Data Protection Act, might be financially and morally catastrophic to companies, governments, and individuals. From the point of view of remote storage and access to sensitive data, the architecture of the software can play a crucial role in the security of a system. Today, several applications are developed following the architectural style known as Microservices-Based Architec- ture(O’REILLY. . . , ). Its popularity is due, mainly, to its advantages, among which are the autonomy of the entities that constitute the architecture, low coupling, and fault tolerance. The model based on microservices allows different forms of implementation, given its high flexibility, which can impact the security of the resulting system. Thus, this project aims to create an architecture proposal based on microservices that deals with sensitive data, based on the needs of the Amive project. The results obtained include an architecture proposal that considers aspects related to security, such as identity and access management and data encryption, and scalability, thus encompassing security issues to be addressed in future works.