Towards a Unified Secure Cloud Service Development and Deployment Life-Cycle

Hudic, Aleksandar; Flittner, Matthias; Lorünser, Thomas; Radl, Philipp M.; Bless, Roland

doi:10.1109/ares.2016.73

Cited by 5 publications

(1 citation statement)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The proper implementation of 3C's (communication, coordination, control) must be considered to develop trust and understanding between team members of DevOps. Developer resistance not to coordinate with DevOps security team[57,76,77] slow-downs the whole deployment process, as no proper measures were taken to control security threats during development phase. There should not be an unrestricted collaboration between DevOps and security teams[20,23,58,79] to avoid leakage of information at both ends.…”

mentioning

confidence: 99%

Prioritization Based Taxonomy of DevOps Security Challenges Using PROMETHEE

Rafi

Akbar

et al. 2020

IEEE Access

View full text Add to dashboard Cite

DevOps is a combination of collaborative and multidisciplinary efforts of an organization to control continuous delivery and updates of new software while guaranteeing their reliability and correctness. In the software industry, the implementation of DevOps (development and operations units) faces many challenges that are specifically associated with the security. This study aims to develop a prioritization based taxonomy of DevOps security challenges using PROMETHEE-II approach. The total of eighteen DevOps security challenges were extracted from the literature and were further evaluated with experts using questionnaire survey study. In the third stage, multi criteria decision making PROMETHEE-II approach was used to prioritize and develop the taxonomy of identified factors and their categories. The implications of PROMETHEE-II approach are novel in this research domain as it has been used successfully in various other domains e.g. medical, banking, internet techniques and management etc. The contribution of this study is not limited to develop the taxonomy based structure of DevOps security challenges, but also the proper prioritization of these challenges by introducing PROMETHEE-II approach in the research field of DevOps. The study results will assist the practitioners to remove the uncertainty and vagueness in the opinion of DevOps experts to secure DevOps implementation for better and continuous software development process.

show abstract

mentioning

confidence: 99%