{"id":"https://openalex.org/W4414405568","doi":"https://doi.org/10.1109/clusterworkshops65972.2025.11164216","title":"A Policy-Driven Approach for Securing Microservices Workflow in Kubernetes Cluster","display_name":"A Policy-Driven Approach for Securing Microservices Workflow in Kubernetes Cluster","publication_year":2025,"publication_date":"2025-09-02","ids":{"openalex":"https://openalex.org/W4414405568","doi":"https://doi.org/10.1109/clusterworkshops65972.2025.11164216"},"language":"en","primary_location":{"id":"doi:10.1109/clusterworkshops65972.2025.11164216","is_oa":false,"landing_page_url":"https://doi.org/10.1109/clusterworkshops65972.2025.11164216","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 IEEE International Conference on Cluster Computing Workshops (CLUSTER Workshops)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5110033934","display_name":"Bilal Ashraf","orcid":null},"institutions":[{"id":"https://openalex.org/I84027002","display_name":"Leeds Beckett University","ror":"https://ror.org/02xsh5r57","country_code":"GB","type":"education","lineage":["https://openalex.org/I84027002"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Bilal Ashraf","raw_affiliation_strings":["Leeds Beckett University,School of Built Environment, Engineering and Computing,Leeds,UK"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Leeds Beckett University,School of Built Environment, Engineering and Computing,Leeds,UK","institution_ids":["https://openalex.org/I84027002"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5071135775","display_name":"Satish Kumar","orcid":"https://orcid.org/0000-0002-3913-7579"},"institutions":[{"id":"https://openalex.org/I84027002","display_name":"Leeds Beckett University","ror":"https://ror.org/02xsh5r57","country_code":"GB","type":"education","lineage":["https://openalex.org/I84027002"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Satish Kumar","raw_affiliation_strings":["Leeds Beckett University,School of Built Environment, Engineering and Computing,Leeds,UK"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Leeds Beckett University,School of Built Environment, Engineering and Computing,Leeds,UK","institution_ids":["https://openalex.org/I84027002"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5035737350","display_name":"Nawar Jawad","orcid":null},"institutions":[{"id":"https://openalex.org/I84027002","display_name":"Leeds Beckett University","ror":"https://ror.org/02xsh5r57","country_code":"GB","type":"education","lineage":["https://openalex.org/I84027002"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Nawar Jawad","raw_affiliation_strings":["Leeds Beckett University,School of Built Environment, Engineering and Computing,Leeds,UK"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Leeds Beckett University,School of Built Environment, Engineering and Computing,Leeds,UK","institution_ids":["https://openalex.org/I84027002"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":[],"corresponding_institution_ids":["https://openalex.org/I84027002"],"apc_list":null,"apc_paid":null,"fwci":4.1858,"has_fulltext":false,"cited_by_count":4,"citation_normalized_percentile":{"value":0.94675638,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":98,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"2"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.9976000189781189,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.9976000189781189,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10101","display_name":"Cloud Computing and Resource Management","score":0.9958000183105469,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11614","display_name":"Cloud Data Security Solutions","score":0.984000027179718,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/microservices","display_name":"Microservices","score":0.8701000213623047},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.5320000052452087},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.48899999260902405},{"id":"https://openalex.org/keywords/workflow","display_name":"Workflow","score":0.4869000017642975},{"id":"https://openalex.org/keywords/security-policy","display_name":"Security policy","score":0.3443000018596649},{"id":"https://openalex.org/keywords/layer","display_name":"Layer (electronics)","score":0.3427000045776367},{"id":"https://openalex.org/keywords/single-point-of-failure","display_name":"Single point of failure","score":0.32820001244544983}],"concepts":[{"id":"https://openalex.org/C2778505942","wikidata":"https://www.wikidata.org/wiki/Q18344624","display_name":"Microservices","level":3,"score":0.8701000213623047},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7709000110626221},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.5320000052452087},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4975999891757965},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.48899999260902405},{"id":"https://openalex.org/C177212765","wikidata":"https://www.wikidata.org/wiki/Q627335","display_name":"Workflow","level":2,"score":0.4869000017642975},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.3452000021934509},{"id":"https://openalex.org/C154908896","wikidata":"https://www.wikidata.org/wiki/Q2167404","display_name":"Security policy","level":2,"score":0.3443000018596649},{"id":"https://openalex.org/C2779227376","wikidata":"https://www.wikidata.org/wiki/Q6505497","display_name":"Layer (electronics)","level":2,"score":0.3427000045776367},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.3336000144481659},{"id":"https://openalex.org/C165136773","wikidata":"https://www.wikidata.org/wiki/Q1363179","display_name":"Single point of failure","level":2,"score":0.32820001244544983},{"id":"https://openalex.org/C2780378061","wikidata":"https://www.wikidata.org/wiki/Q25351891","display_name":"Service (business)","level":2,"score":0.32690000534057617},{"id":"https://openalex.org/C89611455","wikidata":"https://www.wikidata.org/wiki/Q6804646","display_name":"Mechanism (biology)","level":2,"score":0.2890999913215637},{"id":"https://openalex.org/C121822524","wikidata":"https://www.wikidata.org/wiki/Q5157582","display_name":"Computer security model","level":2,"score":0.27390000224113464},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.2687999904155731},{"id":"https://openalex.org/C57041688","wikidata":"https://www.wikidata.org/wiki/Q220644","display_name":"Service-oriented architecture","level":3,"score":0.2628999948501587},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.2590999901294708},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.25619998574256897},{"id":"https://openalex.org/C108759981","wikidata":"https://www.wikidata.org/wiki/Q788590","display_name":"Authorization","level":2,"score":0.25130000710487366}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/clusterworkshops65972.2025.11164216","is_oa":false,"landing_page_url":"https://doi.org/10.1109/clusterworkshops65972.2025.11164216","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 IEEE International Conference on Cluster Computing Workshops (CLUSTER Workshops)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":2,"referenced_works":["https://openalex.org/W4234070370","https://openalex.org/W4402077959"],"related_works":[],"abstract_inverted_index":{"Kubernetes":[0,16,66],"based":[1],"microservices":[2,14,63],"deployments":[3],"are":[4],"increasingly":[5],"adopted":[6],"in":[7,15,23,65],"modern":[8],"cloud":[9],"computing":[10],"environments.":[11],"However,":[12],"securing":[13,62],"cluster":[17],"is":[18,104],"critical":[19],"because":[20],"they":[21],"operate":[22],"distributed":[24],"manner":[25],"across":[26],"different":[27],"nodes":[28],"and":[29],"each":[30],"of":[31,47],"which":[32],"gives":[33],"a":[34,117],"potential":[35],"entry":[36,109],"point":[37],"for":[38,61,75,122],"attackers":[39],"due":[40],"to":[41],"weak":[42],"authentication":[43,78],"mechanism":[44,60],"or":[45],"misconfiguration":[46],"security":[48,59,120],"policies.":[49],"To":[50],"address":[51],"these":[52],"issues,":[53],"we":[54],"propose":[55],"two":[56],"layered":[57],"policy-driven":[58],"workflow":[64],"cluster.":[67],"The":[68,84],"first":[69],"layer":[70,86],"employs":[71],"mutual":[72],"TLS":[73],"(mTLS)":[74],"secure":[76],"service-to-service":[77],"using":[79],"the":[80,108,113],"Istio":[81],"service":[82],"mesh.":[83],"second":[85],"introduces":[87],"workflow-based":[88],"authorization":[89],"policy":[90],"enforced":[91],"through":[92],"Open":[93],"Policy":[94],"Agent":[95],"(OPA)":[96],"Gatekeeper.":[97],"Experimental":[98],"results":[99],"demonstrate":[100],"that":[101,112],"unauthorized":[102],"access":[103],"effectively":[105],"blocked":[106],"at":[107],"point,":[110],"confirming":[111],"proposed":[114],"approach":[115],"establishes":[116],"robust,":[118],"multi-layered":[119],"environment":[121],"Kubernetes-based":[123],"microservices.":[124]},"counts_by_year":[{"year":2026,"cited_by_count":4}],"updated_date":"2026-06-26T08:34:08.712188","created_date":"2025-10-10T00:00:00"}