Journal ArticleDOI
Modeling continuous security: A conceptual model for automated DevSecOps using open-source software over cloud (ADOC)
Rakesh Kumar,Rinkaj Goyal +1 more
TLDR
A conceptual security model, ADOC, is proposed to facilitate adopting DevSecOps for the business processes capitalizing OSS over the cloud, which enables businesses to deliver time-to-market security ready applications and services with accelerated velocity and sustainable agility in a cost-effective way.About:
This article is published in Computers & Security.The article was published on 2020-07-16. It has received 22 citations till now. The article focuses on the topics: Computer security model & Security controls.read more
Citations
More filters
Journal ArticleDOI
Toward successful DevSecOps in software development organizations: A decision-making framework
TL;DR: In this paper , the authors performed a multivocal literature review (MLR) and conducted a questionnaire-based survey to identify challenges associated with DevSecOps-based projects and applied interpretive structure modeling (ISM) to study the relationships among the core categories of the challenges.
Posted Content
DevOps A Historical Review and Future Works.
Mayank Gokarna,Raju Singh +1 more
TL;DR: The building blocks of DevOps, challenges in adopting Dev Ops, Models to improve DevOps practices and Future works on DevOps are reviewed.
Journal ArticleDOI
Microservice security: a systematic literature review
Davide Berardi,Saverio Giallorenzo,Jacopo Mauro,Andrea Melis,Fabrizio Montesi,Marco Prandini +5 more
TL;DR: A systematic review of the field of microservices, gathering 290 relevant publications to provide an aggregated overview of the literature and to spot gaps left open, concludes with a call for action to address the main open challenges.
Proceedings ArticleDOI
DevOps: A Historical Review and Future Works
Mayank Gokarna,Raju Singh +1 more
TL;DR: In this article, the authors review the building blocks of DevOps, challenges in adopting DevOps and models to improve DevOps practices and future works on DevOps in an extended version of the existing Agile method.
Journal ArticleDOI
ASSIST-IoT: A Modular Implementation of a Reference Architecture for the Next Generation Internet of Things
Pawel Szmeja,Alejandro Fornes-Leal,Ignacio Lacalle,Carlos E. Palau,Maria Ganzha,Wieslaw Pawlowski,Marcin Paprzycki,Johan Schabbink +7 more
TL;DR: In this paper , the authors present the first complete, consolidated NGIoT RA, covering the hardware and software building blocks, and needed for the advent of the Next Generation Internet of Things (NGIoT), which is presented in the context of an ecosystem where independent software packages are deployed and run at selected points in the hardware environment.
References
More filters
ReportDOI
The NIST Definition of Cloud Computing
Peter Mell,Timothy Grance +1 more
TL;DR: This cloud model promotes availability and is composed of five essential characteristics, three service models, and four deployment models.
Journal ArticleDOI
Addressing cloud computing security issues
TL;DR: This paper proposes introducing a Trusted Third Party, tasked with assuring specific security characteristics within a cloud environment, and presents a horizontal level of service, available to all implicated entities, that realizes a security mesh, within which essential trust is maintained.
Journal ArticleDOI
Security and Privacy Challenges in Cloud Computing Environments
TL;DR: This article explores the roadblocks and solutions to providing a trustworthy cloud computing environment and suggests a number of approaches that could be considered.
Journal ArticleDOI
Bayesian Estimation and Prediction Using Asymmetric Loss Functions
TL;DR: In this article, the authors derived the risk functions and Bayes risks for a number of well-known models and compared them with those of usual estimators and predictors, and showed that some usual predictors are inadmissible relative to the asymmetric LINEX loss by providing alternative estimators.
Journal ArticleDOI
Understanding Cloud Computing Vulnerabilities
TL;DR: Four indicators of cloud-specific vulnerabilities are defined, a security-specific cloud reference architecture is introduced, and examples of cloud -specific vulnerabilities for each architectural component are provided.