Security Assurance in DevOps Methodologies and Related Environments
Abstract
The biggest software development companies conduct daily more than hundreds deployments which influence currently operating IT (Information Technology) systems. This is possible due to the availability of automatic mechanisms which are providing their functional testing and later applications deployment. Unfortunately, nowadays, there are no tools or even a set of good practices related to the problem on how to include IT security issues into the whole production and deployment processes. This paper describes how to deal with this problem in the large mobile telecommunication operator environment.
References
Abubaker Wahaballa, O. W. Toward unified DevOps model . 2015 6th IEEE International Conference on Software Engineering and Service Science (ICSESS).
Adnan Masood, J. J. Static analysis for web service security - Tools & techniques for a secure development life cycle. 2015 IEEE International Symposium on Technologies for Homeland Security (HST).
Center for Internet Security. Pobrano z lokalizacji https://www.cisecurity.org/cis-benchmarks/
Chirag Doshi, D. D. A Peek into an Agile Infected Culture . 2009 Agile Conference.
Daniel Stahl, K. H. Continuous Integration and Delivery Traceability in Industry: Needs and Practices . 2017 43rd Euromicro Conference on Software Engineering and Advanced Applications (SEAA).
Gordon, A. The Hybrid Cloud Security Professional. IEEE Cloud Computing ( Volume: 3, Issue: 1, Jan.-Feb. 2016 ) .
H. Drucker, Donghui Wu, V.N. Vapnik, Support vector machines for spam categorization, IEEE Transactions on Neural Networks ( Volume: 10 , Issue: 5 , Sep 1999 )
Hongchen Gui, Qiliang Liang, Zhiqiang Li, An improved AD-LDA topic model based on weighted Gibbs sampling, 2016 IEEE Advanced Information Management, Communicates, Electronic and Automation Control Conference (IMCEC)
Ionel Gordin, A. G. Security Assessment of OpenStack cloud using outside and inside software tools. 14th International Conference on DEVELOPMENT AND APPLICATION SYSTEMS, Suceava, Romania, May 24-26, 2018.
Lindita Nebiu Hyseni, A. I. Comparison of the cloud computing platforms provided by Amazon and Google . 2017 Computing Conference.
Marco Anisetti, C. A. A Security Benchmark for OpenStack. 2017 IEEE 10th International Conference on Cloud Computing.
Nishant Kumar Singh, S. T. Automated provisioning of application in IAAS cloud using Ansible configuration management . 2015 1st International Conference on Next Generation Computing Technologies (NGCT).
OWASP. Pobrano z lokalizacji https://www.owasp.org/index.php/Main_Page
P. P. W. Pathirathna, V. A. Security testing as a service with docker containerization . 2017 11th International Conference on Software, Knowledge, Information Management and Applications (SKIMA).
Shruti Kapil, Meenu Chawla, Mohd Dilshad Ansari, On K-means data clustering algorithm with genetic algorithm, 2016 Fourth International Conference on Parallel, Distributed and Grid Computing (PDGC)
Shubham Awasthi, A. P. Openstack-paradigm shift to open source cloud computing & its integration . 2016 2nd International Conference on Contemporary Computing and Informatics (IC3I).
Turki Alharkan, P. M. IDSaaS: Intrusion Detection System as a Service in Public Clouds. 2012 12th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing.
Wu Qianqian, L. X. Research and design on Web application vulnerability scanning service . 2014 IEEE 5th International Conference on Software Engineering and Service Science.
Xuexiu Chen, C. C. A Cloud Security Assessment System Based on Classifying and Grading. IEEE CLOUD COMPUTING PUBLISHED BY THE IEEE COMPUTER SOCIET Y.
Yasuharu Katsuno, A. K. Security, Compliance, and Agile Deployment of Personal Identifiable Information Solutions on a Public Cloud. 2016 IEEE 9th International Conference on Cloud Computing.
Ziqiang Zhou, C. S. Research and Implementation of Mobile Application Security Detection Combining Static and Dynamic. 2018 10th International Conference on Measuring Technology and Mechatronics Automation (ICMTMA).
Downloads
Published
Issue
Section
License
Copyright (c) 2019 International Journal of Electronics and Telecommunications
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
1. License
The non-commercial use of the article will be governed by the Creative Commons Attribution license as currently displayed on https://creativecommons.org/licenses/by/4.0/.
2. Author’s Warranties
The author warrants that the article is original, written by stated author/s, has not been published before, contains no unlawful statements, does not infringe the rights of others, is subject to copyright that is vested exclusively in the author and free of any third party rights, and that any necessary written permissions to quote from other sources have been obtained by the author/s. The undersigned also warrants that the manuscript (or its essential substance) has not been published other than as an abstract or doctorate thesis and has not been submitted for consideration elsewhere, for print, electronic or digital publication.
3. User Rights
Under the Creative Commons Attribution license, the author(s) and users are free to share (copy, distribute and transmit the contribution) under the following conditions: 1. they must attribute the contribution in the manner specified by the author or licensor, 2. they may alter, transform, or build upon this work, 3. they may use this contribution for commercial purposes.
4. Rights of Authors
Authors retain the following rights:
- copyright, and other proprietary rights relating to the article, such as patent rights,
- the right to use the substance of the article in own future works, including lectures and books,
- the right to reproduce the article for own purposes, provided the copies are not offered for sale,
- the right to self-archive the article
- the right to supervision over the integrity of the content of the work and its fair use.
5. Co-Authorship
If the article was prepared jointly with other authors, the signatory of this form warrants that he/she has been authorized by all co-authors to sign this agreement on their behalf, and agrees to inform his/her co-authors of the terms of this agreement.
6. Termination
This agreement can be terminated by the author or the Journal Owner upon two months’ notice where the other party has materially breached this agreement and failed to remedy such breach within a month of being given the terminating party’s notice requesting such breach to be remedied. No breach or violation of this agreement will cause this agreement or any license granted in it to terminate automatically or affect the definition of the Journal Owner. The author and the Journal Owner may agree to terminate this agreement at any time. This agreement or any license granted in it cannot be terminated otherwise than in accordance with this section 6. This License shall remain in effect throughout the term of copyright in the Work and may not be revoked without the express written consent of both parties.
7. Royalties
This agreement entitles the author to no royalties or other fees. To such extent as legally permissible, the author waives his or her right to collect royalties relative to the article in respect of any use of the article by the Journal Owner or its sublicensee.
8. Miscellaneous
The Journal Owner will publish the article (or have it published) in the Journal if the article’s editorial process is successfully completed and the Journal Owner or its sublicensee has become obligated to have the article published. Where such obligation depends on the payment of a fee, it shall not be deemed to exist until such time as that fee is paid. The Journal Owner may conform the article to a style of punctuation, spelling, capitalization and usage that it deems appropriate. The Journal Owner will be allowed to sublicense the rights that are licensed to it under this agreement. This agreement will be governed by the laws of Poland.
By signing this License, Author(s) warrant(s) that they have the full power to enter into this agreement. This License shall remain in effect throughout the term of copyright in the Work and may not be revoked without the express written consent of both parties.