id: work_phbri3nemnevfl2hhtmkl4bl3u
author: Dipta Das
title: On automated RBAC assessment by constructing a centralized perspective for microservice mesh
date: 2021
pages: 24
extension: .pdf
mime: application/pdf
words: 10788
sentences: 1240
flesch: 51
summary: endpoints where restrictions can be applied using the Role-Based Access Control Keywords Microservices, REST, RBAC, Access control, Authorization, Security, Access Control (RBAC) inconsistencies among microservices using static code analysis. popular methods of securing REST services where each user of the application is assigned microservice's controller layer defines the REST endpoints that serve as request entry 2. Unknown access violations: if an API endpoint contains an authorization role that is not method, only the users that have the "ADMIN" role (defined in the realms) can access the different RBAC roles, we detect it as an entity access violation. Our system finds potential RBAC violations based on a user-defined role hierarchy @RequestMapping Class and Method Defines HTTP types and paths for REST endpoints method in CMS can be accessed with a "user" role which calls the getUserById endpoint This may not be true if users are defined in separate security realms; a role name in one
cache: ./cache/work_phbri3nemnevfl2hhtmkl4bl3u.pdf
txt: ./txt/work_phbri3nemnevfl2hhtmkl4bl3u.txt