An End-to-End Microservices-Based Sports Networking System with Role-Based Access Control

An End-to-End Microservices-Based Sports Networking System with Role-Based Access Control

Prof. S. M. Jawake

Assistant Professor, Dept. of CSE, Shri Sant Gajanan Maharaj College of Engg., Shegaon, 444203, India

Gayatri Arbat, Vaishnavi Mirge, Shruti Tarale

UG Scholar, Dept. of CSE, Shri Sant Gajanan Maharaj College of Engg., Shegaon, 444203, India

Abstract – Professional sports are increasingly leveraging digital platforms to enable various forms of networking, talent discovery, and development for athletes, coaches, and various sports organizations. However, existing social networking platforms are either generic or lack architectural support for role-aware social interactions and feature evolution. In this paper, we propose a role- aware social networking platform for sports organizations based on various forms of professional networking principles. Our focus is on microservices-based system architecture, role-based access control (RBAC), and polyglot persistence. Our proposed system is based on microservices architecture to decompose platform features into independent services associated with various business domains. RBAC is used as a first-class architectural principle to ensure secure access to resources and social interactions between various user roles. Our proposed system uses a polyglot persistence strategy to manage various forms of data associated with structured profile information, flexible performance records, and unstructured media assets. Our proposed system architecture is presented along with our prototype implementation. Experimental evaluation on the deployed prototype demonstrates the feasibility of the proposed architecture in supporting role-aware networking operations with acceptable latency and throughput, validating its suitability for academic and real-world sports networking applications.

Keywords – Sports Networking Platform, Microservices Architecture, Role-Based Access Control, Polyglot Persistence, System Architecture, Prototype Implementation

1. INTRODUCTION

   The domain of sports is an interconnected professional domain that includes various roles and actors such as the athlete, coach, scout, sponsor, academy, and governing body. Progression in the domain is heavily based on visibility, verified endorsements, and professional relationships. However, the digital platforms that already exist in the domain of sports have poor support for professional networking. Most social media systems that are popular and widely used emphasize content broadcasting and engagement metrics. However, they lack the support for role- based interactions and data access. Past research has emphasized the importance of digital platforms in the domain of sports. There is also the importance of digital platforms in the domain of sports communication, talent identification, and engagement. However, most digital platforms that already exist in the domain of sports are content-centric or analytically focused.

   From a system design perspective, the problem to be solved for

   sports networking systems involves addressing functional complexities arising from user role heterogeneity, data heterogeneity including structured data, performance data, and media data, as well as ensuring embedded security features. The

   microservices architecture is a promising solution to address these complexities through its scalable and modular architecture. By leveraging microservices architecture along with Role-Based Access Control (RBAC) and polyglot persistence strategies, secure and flexible domain-specific user networking systems can be achieved. This paper proposes a system architecture and prototype implementation for a role-aware sports networking system, contributing to the field with its modular microservices- based architecture, interaction control through RBAC-driven systems, and management of heterogeneous data through polyglot persistence.

2. LITERATURE REVIEW

   Microservices architecture has emerged as a dominant paradigm for building scalable and evolvable distributed systems. Unlike monolithic or traditional service-oriented architectures, it emphasizes fine-grained service decomposition, decentralized data ownership, and lightweight inter-service communication. Velepucha and Flores survey the core principles and challenges of microservices, noting that service autonomy and independent deployment enhance scalability and fault isolation but introduce issues such as data consistency and operational complexity [1]. These trade-offs are especially relevant for professional networking platforms with heterogeneous user roles and evolving requirements.

   From a system engineering perspective, Cui stresses the importance of aligning service boundaries with business domains to avoid excessive inter-service communication and coupling [2]. Supporting mechanisms such as API gateways, service-level authentication, and database-per-service patterns are essential for maintaining modularity. These principles guide the domain-driven decomposition of the proposed sports networking platform, where user management, profiles, content interaction, and messaging are implemented as independent services. Andiani further emphasizes that microservices represent a long-term architectural commitment affecting data management, security, and system evolution, making clear service responsibilities and interfaces critical [3].

   Access control is a critical requirement for multi-role systems. Role-Based Access Control (RBAC) is a promising solution to address access control requirements through an effective layer of abstraction between users and access rights. RBAC implements the principle of least privilege and minimizes administrative burdens. Male describes the fundamental RBAC model [4]. Marquis shows how RBAC helps to prevent insider threats through its tight integration with application logic and data access layers [5]. As such, RBAC is integrated into the backend services of the proposed system.

   Decentralized data management is another requirement that is addressed through polyglot persistence. Polyglot persistence allows multiple data management systems to be used based on data types and access requirements. Halili et al. illustrate the benefits of using polyglot persistence in distributed systems [6]. As such, structured relational data, dynamic performance records, and unstructured media are managed using different data management systems. Although existing research, such as Fresta et al., has addressed various requirements related to data management in sports contexts [7], there is no existing research on the architectural requirements of sports networking systems. This research fills this gap by proposing a system that combines microservices architecture, RBAC, and polyglot persistence.

3. PROPOSED SYSTEM

   1. Design Objectives and Methodological Rationale

      The proposed sports networking platform facilitates professional interactions between various roles, including athletes, coaches, scouts, and organizations. It incorporates a microservices-based approach, in which individual services can evolve independently. Role-Based Access Control (RBAC) regulates and constrains role-based interactions. It incorporates a polyglot persistence approach, in which data types include structured data, performance information, and multimedia. These design elements ensure modularity, security, and flexibility.

   2. Layered System Architecture

      Fig. 1 System Architecture

      The system architecture is based on a layered service-oriented approach to facilitate the separation of concerns and maintainability along with controlled interactions between

      system components. The system architecture is logically partitioned into four main layers: the frontend layer, the backend services layer, the data storage layer, and the security layer.

      The frontend layer consists of web-based user interfaces that are role-specific. Users access the system through role-specific dashboards. For instance, a role-specific dashboard might include athlete dashboards, organizational dashboards, and opportunities. The frontend layer is responsible for the presentation of the system and the interaction with the system. It does not include any business logic processing. Instead, it delegates all the processing to the backend services through RESTful APIs.

      The backend services layer is the core component of the system. It is based on a set of independent services that are specific to the problem domain. A service encapsulates a well-defined functional responsibility. A service exposes the functionality through secure API endpoints. Services interact with each other through stateless HTTP-based communication. This layer includes all the business logic processing. It includes role processing and data access mediation.

      The data storage layer is decentralized as per the microservices architecture principles. Each backend service has its data store, which it is responsible for. In other words, there is no direct database access between services.

      The security layer encompasses all the other architectural layers. Authentication, authorization, and secure communication are achieved through various security features.

      Security features are applied across all other layers to ensure secure data transmission as well as proper restriction of access to resources within the platform by users.

   3. Backend Service Decomposition

      The backend consists of various specialized services that match the functional requirements of the professional sports networking platform. There exists an Authentication and User Management Service that covers user registration, authentication, role allocation, and credential validation. This service will be the central point of reference for any authentication and issuance of tokens. There is also the Profile and Relationship Service that covers user profiles and role- specific and professional relationships. The Content and Activity Service will be responsible for the creation and interaction of professional content while ensuring role and relationship-based content visibility. There is also the Media Management Service that covers the storage and retrieval of media content, including images and videos, without reference to the profile data. Finally, the Messaging and Notification Service and the Search and Discovery Service will be responsible for direct communication and role-based search and discovery.

   4. System Workflow and End-to-End Behavior

      V. RESULT AND DISCUSSION

      Fig. 2 System Workflow

      The system workflow for a secure and role-aware interaction between users is depicted in Figure 2. A user signs up and logs in, providing his/her identity information and a professional role, which is verified by the Authentication and User Management Service. A secure token is provided, allowing users to access role-specific dashboards for managing profiles and achievements, posting opportunities and endorsements by coaches and organizations, and other content creation, viewing, and messaging. All these operations are performed through the back end, with services providing role-aware interactions, ensuring authorized interactions, privacy, and a consistent and well-defined user experience.

   5. Security and Access Control Integration

      Security is an integral aspect of the system architecture. Token- based authentication is used for verifying users, and role-based access control is integrated for ensuring authorized access to each and every service. Access control is provided at the transport level, and input validation is performed for confidentiality, integrity, and authorized access.

   6. Data Management and Polyglot Persistence Strategy

   The platform employs the polyglot persistence strategy to address the varied needs of the data. Relational databases are used to manage structured data such as user accounts, roles, and profiles. Document-oriented databases manage flexible data types such as performance records and timelines of activities. Unstructured media types, including images and videos, are also managed differently to enhance access. Each of the backend services has its data store and provides access to the data through its APIs only.

4. IMPLEMENTATION

A functional prototype of this platform has been developed to test the system architecture as well as the role-related features. The backend is built using Node.js/Express, which is divided into various services for authentication, users, profiles, content, search, messages, and media management. The authentication is performed using JWT, which allows different roles for users. The data is stored as structured data in PostgreSQL and dynamic content in MongoDB. The media files are stored by uploading to cloud storage using secure pre-signed URLs. The search is enabled by using Elasticsearch. The real-time messaging is achieved by using WebSocket with offline message storage. The clients interact only through REST APIs and WebSocket endpoints.

The prototype platform was tested under concurrent conditions for authentication, profile/content, and search operations. The microservices approach helped in operating these services separately, avoiding any bottleneck. Among these, authentication had the lowest latency, between 110 and 140 ms. For profile/content operations, latency was between 120 and 190 ms due to database operations, while search operations had latency under 200 ms. In total, more than 95% of operations were completed within 240 ms, and no failures or timeout issues were recorded.

The stable operation and efficient role-based access control were also recorded, with 97% accuracy and minimal overhead, between 2 and 4 ms per operation. The gradual increase in latency also verifies that the service-oriented approach is scalable, and increased user volume can be managed through horizontal scaling and optimization without any change in architecture.

Fig. 3 API Response Latency under Concurrent Load

VI. CONCLUSION

The current work proposes an efficient and secure sports networking platform, enabling features like athlete profiling, tracking, media sharing, and professional networking in an integrated manner, overcoming the drawbacks of existing fragmented solutions through structured role-based access and data representation. This has been achieved in the form of a scalable and maintainable prototype, validating the viability and practical applicability of the proposed concept, and thereby confirming that it can be effectively implemented in practice. Additional features like usability, mobile support, moderation, and integration with other sports organizations can be added in the future, making it more useful and beneficial to a variety of sports communities.

REFERENCES

1. V. Velepucha and P. Flores, Survey on microservices architecture: Principles, patterns and migration challenges, IEEE Access, vol. 11,

   pp. 8800188028, 2023, doi: 10.1109/ACCESS.2023.3305687.

2. J. Cui, A comprehensive study and design of microservices architecture, SolBridge International School of Business, Woosong University, Daejeon, Republic of Korea, 2023.

3. Andiani, A detailed technical analysis of a microservices architecture conceptual model: Rationale, operation, and implementation, Journal of Engineering Research an Reports, 2024.

4. V. R. Male, Decoding role-based access control (RBAC), Amazon

   Web Services, Inc., USA, 2025.

5. Y. A. Marquis, From theory to practice: Implementing effective role- based access control strategies to mitigate insider risks in diverse organizational contexts, 2024.

6. F. Halili, A. Nuhiji, and D. M. Veliu, Polyglot persistence in microservices: Managing data diversity in distributed systems, Department of Computer Science, University of Tetova, Tetovo, North Macedonia, 2023.

7. M. Fresta, F. Bellotti, R. Berta, A. Capello, A. Dabbous, L. Lazzaroni, and F. Ansovini, End-to-end dataset collection system for sport activities, Sensors, vol. 24, 2024.

8. Y. Qi, S. M. Sajadi, S. Baghaei, R. Rezaei, and W. Li, Digital technologies in sports: Opportunities, challenges, and strategies for safeguarding athlete wellbeing and competitive integrity in the digital era, Technology in Society, vol. 77, Art. no. 102496, 2024, doi: 10.1016/j.techsoc.2024.102496.

9. J. S. Rai, T. Kajla, M. Itani, and H. Cho, Social media in sport: A systematic review and research agenda using the theory, context, characteristics, and methodology framework, International Journal of Consumer Studies, vol. 49, no. 5, 2025, doi: 10.1111/ijcs.70102.

10. C. Piao, T. Chen, Z. Liu, Q. Mu, Y. Zhang, and X. Liang, The impact of social media on youth sports participation, Journal of New Media and Economics, vol. 2, no. 1, pp. 1619, 2025, doi: 10.62517/jnme.202510104.

11. X. Wang, Sports celebrity endorsements: The promotional role of key opinion leaders in the upgrading of the sports industry, Journal of Education, Humanities and Social Sciences, vol. 2