We gratefully acknowledge support from
the Simons Foundation and member institutions.
Full-text links:

Download:

Current browse context:

cs.CR

Change to browse by:

References & Citations

DBLP - CS Bibliography

Bookmark

(what is this?)
CiteULike logo BibSonomy logo Mendeley logo del.icio.us logo Digg logo Reddit logo ScienceWISE logo

Computer Science > Cryptography and Security

Title: SecDocker: Hardening the Continuous Integration Workflow

Abstract: Current Continuous Integration processes face significant intrinsic cybersecurity challenges. The idea is not only to solve and test formal or regulatory security requirements of source code but also to adhere to the same principles to the CI pipeline itself. This paper presents an overview of current security issues in CI workflow. It designs, develops, and deploys a new tool for the secure deployment of a container-based CI pipeline flow without slowing down release cycles. The tool, called \SD for its Docker-based approach, is publicly available in GitHub. It implements a transparent application firewall based on a configuration mechanism avoiding issues in the CI workflow associated with intended or unintended container configurations. Integrated with other DevOps Engineers tools, it provides feedback from only those scenarios that match specific patterns, addressing future container security issues.
Comments: Preprint: 15 pages, 5 figures, 2 tables. Public repository: this https URL
Subjects: Cryptography and Security (cs.CR); Software Engineering (cs.SE)
Journal reference: SN COMPUT. SCI. 3, 80 (2022)
DOI: 10.1007/s42979-021-00939-4
Cite as: arXiv:2104.07899 [cs.CR]
  (or arXiv:2104.07899v1 [cs.CR] for this version)

Submission history

From: Francisco J. Rodriguez Lera [view email]
[v1] Fri, 16 Apr 2021 05:49:08 GMT (392kb,D)

Link back to: arXiv, form interface, contact.