Service Oriented Software Engineering 

Abstract: While the technology development towards microservices can significantly improve the speed and agility of software service delivery, it also raises the operational complexity associated with modern applications. This has led to the emergence of Service Mesh, a promising approach to mitigate this situation by introducing a dedicated infrastructure layer over microservices without imposing modification on the service implementations. Aiming to inspire more practical research work in this exploited area, we in this paper present a comprehensive review on the state of the art of Service Mesh and discuss the related challenges and its adoption. Finally, we highlight the opportunities for future research in this subject.

Abstract: Blockchain (BC) has received significant attention recently. This paper presents system-related issues for BCs for financial applications. This paper first presents the design of a BC without consideration of any application scenarios, and issues such as performance, security, performance and scalability lead to specific BC designs. Sample BC scenarios are analyzed and these lead to additional BC designs. Specifically, two new kinds of BC emerge: for storing information at transactional level, for storing account information. By splitting traditional BCs into these two BCs allow one to optimize the system with respect to scalability and privacy.

Abstract: The concerns held on the scalability of permissionless Blockchain platforms are a significant hindrance to their wider adoption. To address this issue rigorously, we consider it opportune to assess the current implementation and the associated improvement proposals, within a single coherent evaluation framework. This work addresses this specific question in the particular context of Ethereum, a prominent implementation of Blockchain, using a threefold approach. First, it maps the internal constituents of Ethereum onto a layered architecture inspired in the ISO/OSI model, so that its provisioning organization can be better understood. Second, it employs the AKF Scale Cube to analyze the pros and cons of the present specification of Ethereum, as well as of the current improvement proposals, so that the scalability challenges can be reasoned about in an orderly fashion. Finally, it uses an extensible test environment with synthetic benchmarks so that the transaction throughput of the current implementation of Ethereum can be evaluated in a private scenario, when no smart contract is to run. Our conclusions suggest that Ethereum respects the scalability trilemma being versed on security and decentralization renouncing scalability. These limits can be mitigated by adopting novel solutions such as Plasma and Sharding which enable a significant increment of performance by partitioning the data, and, ultimately, unlocking parallel execution of the transactions.

Abstract: The microservice architectural style is an emerging trend in software engineering that allows building highly scalable and flexible systems. However, current state of the art provides only limited insight into the particular security concerns of microservice system. With this paper, we seek to unravel some of the mysteries surrounding microservice security by: providing a taxonomy of microservices security; assessing the security implications of the microservice architecture; and surveying related contemporary solutions, among others Docker Swarm and Netflix security decisions. We offer two important insights. On one hand, microservice security is a multi-faceted problem that requires a layered security solution that is not available out of the box at the moment. On the other hand, if these security challenges are solved, microservice architectures can improve security; their inherent properties of loose coupling, isolation, diversity, and fail fast all contribute to the increased robustness of a system. To address the lack of security guidelines this paper describes the design and implementation of a simple security framework for microservices that can be leveraged by practitioners. Proof-of-concept evaluation results show that the performance overhead of the security mechanisms is around 11%.