Agile Network Access Control in the Container Age

Diekmann, Cornelius; Naab, Johannes; Korsten, Andreas; Carle, Georg

doi:10.1109/tnsm.2018.2889009

Cited by 18 publications

(8 citation statements)

References 37 publications

(89 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The final set for review in the original SLR study consisted of the 18 primary studies. They are referenced in this review as [3,12,[29][30][31][32][33][34][35][36][37][38][39][40][41][42][43][44]. As our review of the SLR was limited by time and scope, the review started by adopting the result set of the 18 primary studies from the original SLR study.…”

Section: Topic Search Terms Derived From Topics Main Research Topic D...mentioning

confidence: 99%

Trends for the DevOps Security. A Systematic Literature Review

Leppänen

Honkaranta

Costin

2022

Lecture Notes in Business Information Processing

View full text Add to dashboard Cite

Due to technical advances, old ways for securing DevOps software development have become obsolete. Thus, researchers and practitioners need new insights into the security challenges and practices of DevOps development. This paper reviews the data extraction and analysis phase and results of a Systematic Literature Review (SLR) study that was carried out in 2019. The outcome is an updated list of security challenges and practices for DevOps software development. Both reviews shows that the most essential challenges for the DevOps security deal with the complexity of the development pipelines and the overall complexity of the cloud and microservice environments. The security activities identified were classified by using the BSIMM maturity model for software security as a framework. Our review shows that DevOps security research focuses mostly on deployment phase and technical aspects of software security. We compared the security activities identified in our study with the ones identified by the BSIMM development company in their 2020 review of 128 practitioners' security practices and found matching practices and similar trends.

show abstract

Section: Topic Search Terms Derived From Topics Main Research Topic D...mentioning

confidence: 99%

Trends for the DevOps Security. A Systematic Literature Review

Leppänen

Honkaranta

Costin

2022

Lecture Notes in Business Information Processing

View full text Add to dashboard Cite

show abstract

“…The literature review and related work draw our attention to further research in the possible integration of DevOps, multi-cloud, and IoT applications [50,51]. DevOps adoption for IoT application deployment to multi-cloud requires concrete architecture and guidelines [19,52].…”

Section: Literature Review and Related Workmentioning

confidence: 99%

Evaluating the DevOps Reference Architecture for Multi-cloud IoT-Applications

Ghantous

Gill

2021

SN COMPUT. SCI.

View full text Add to dashboard Cite

DevOps originated in the context of the agile development aims to enable the continuous deployment of software applications in small releases. Most recently, organizations are taking a significant interest in adopting DevOps for automatically deploying IoT applications to multi-cloud. The interest is there; however, the challenge is how to achieve this. A new DevOps reference architecture (DRA) framework has been iteratively developed to address this challenge. This paper presents the updated DRA framework and its empirical evaluation results. The empirical evaluation is composed of two phases: (1) industry case study evaluation conducted in an IT organization, and (2) industry field survey with a cohort of experts in software engineering. The evaluation aims to determine the applicability and novelty of the DRA framework. The evaluation results indicate that the DRA is fit for its intended purpose and is expected to help both researchers and practitioners. The DRA uses can architect complex design models for the purpose of supporting the automated development stage of software applications. Software engineers can implement the DRA models for deploying complex IoT application to the multi-cloud environment in the current organization development parameters.

show abstract

“…General research on configuration synthesis has thrived, yielding, over the past decades, tools to produce configurations for firewalls (e.g., [12,13,17,42,54]), routing (e.g., [4,5,15]), and other networking targets [14,38,44,47]. Some work, such as Bravetti, et al [7] also focuses on microservice synthesis.…”

Section: Related Workmentioning

confidence: 99%

Solver-Aided Multi-Party Configuration

Dackow

Wagner

Nelson

et al. 2020

Proceedings of the 19th ACM Workshop on Hot Topics in Networks

View full text Add to dashboard Cite

Configuring a service mesh often involves multiple parties, each of whom is responsible for separate portions of the overall system. This can result in miscommunication, silent and sudden errors, or a failure to meet goals. We identify two distinct modes of configuration that call for different solutions. We use synthesis algorithms to extract a set of properties-the envelope-that each party needs the other to obey. Administrators can use the envelope to aid verification and synthesis or to support fault-localization and negotiation when goals conflict. This paper introduces the problem, lays out the modes, presents algorithms for to each, and gives a prototype implementation. We use this to show the feasibility of the approach in the microservices access-control domain and raise new research questions.

show abstract

Agile Network Access Control in the Container Age

Cited by 18 publications

References 37 publications

Trends for the DevOps Security. A Systematic Literature Review

Trends for the DevOps Security. A Systematic Literature Review

Evaluating the DevOps Reference Architecture for Multi-cloud IoT-Applications

Solver-Aided Multi-Party Configuration

Contact Info

Product

Resources

About