Static-Analysis-Based Solutions to Security Challenges in Cloud-Native Systems: Systematic Mapping Study

Rahaman, Md Shahidur; Islam, Agm; Černý, Tomáš; Hutton, Shaun

doi:10.3390/s23041755

Cited by 6 publications

(2 citation statements)

References 60 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Those can address the attacks or vulnerabilities, potential tools, or mitigation strategies for those attacks. In our previous study [ 11 ], we thoroughly analyzed the effective mechanisms that can be applied to consider the protection strategy of cloud-native systems.…”

Section: Related Workmentioning

confidence: 99%

Access Control Design Practice and Solutions in Cloud-Native Architecture: A Systematic Mapping Study

Rahaman

Tisha

Song

et al. 2023

Sensors

Self Cite

View full text Add to dashboard Cite

Protecting the resources of a cloud-native application is essential to meet an organization’s security goals. Cloud-native applications manage thousands of user requests, and an organization must employ a proper access control mechanism. However, unfortunately, developers sometimes grumble when designing and enforcing access decisions for a gigantic scalable application. It is sometimes complicated to choose the potential access control model for the system. Cloud-native software architecture has become an integral part of the industry to manage and maintain customer needs. A microservice is a combination of small independent services that might have hundreds of parts, where the developers must protect the individual services. An efficient access control model can defend the respective services and consistency. This study intends to comprehensively analyze the current access control mechanism and techniques utilized in cloud-native architecture. For this, we present a systematic mapping study that extracts current approaches, categorizes access control patterns, and provides developers guidance to meet security principles. In addition, we have gathered 234 essential articles, of which 29 have been chosen as primary studies. Our comprehensive analysis will guide practitioners to identify proper access control mechanisms applicable to ensuring security goals in cloud-native architectures.

show abstract

Section: Related Workmentioning

confidence: 99%

Access Control Design Practice and Solutions in Cloud-Native Architecture: A Systematic Mapping Study

Rahaman

Tisha

Song

et al. 2023

Sensors

Self Cite

View full text Add to dashboard Cite

show abstract

“…Table 1 encapsulates the gaps in contemporary surveys that motivated us to construct this work. After extensive research, we were able to identify only a single work [47] that covers areas similar to the ones that are being explored in the context of this survey. That work, however, did not go into much detail regarding aspects that are of paramount importance in the context of securing cloud-native services such as DevSecOps Practices and Orchestration Platform Security.…”

mentioning

confidence: 99%

Security in Cloud-Native Services: A Survey

Theodoropoulos,

Rosa,

Benzaid

et al. 2023

JCP

View full text Add to dashboard Cite

Cloud-native services face unique cybersecurity challenges due to their distributed infrastructure. They are susceptible to various threats like malware, DDoS attacks, and Man-in-the-Middle (MITM) attacks. Additionally, these services often process sensitive data that must be protected from unauthorized access. On top of that, the dynamic and scalable nature of cloud-native services makes it difficult to maintain consistent security, as deploying new instances and infrastructure introduces new vulnerabilities. To address these challenges, efficient security solutions are needed to mitigate potential threats while aligning with the characteristics of cloud-native services. Despite the abundance of works focusing on security aspects in the cloud, there has been a notable lack of research that is focused on the security of cloud-native services. To address this gap, this work is the first survey that is dedicated to exploring security in cloud-native services. This work aims to provide a comprehensive investigation of the aspects, features, and solutions that are associated with security in cloud-native services. It serves as a uniquely structured mapping study that maps the key aspects to the corresponding features, and these features to numerous contemporary solutions. Furthermore, it includes the identification of various candidate open-source technologies that are capable of supporting the realization of each explored solution. Finally, it showcases how these solutions can work together in order to establish each corresponding feature. The insights and findings of this work can be used by cybersecurity professionals, such as developers and researchers, to enhance the security of cloud-native services.

show abstract

Designing a microservice architecture on the example of an automated application for the HR department

2023

View full text Add to dashboard Cite

show abstract

Static-Analysis-Based Solutions to Security Challenges in Cloud-Native Systems: Systematic Mapping Study

Cited by 6 publications

References 60 publications

Access Control Design Practice and Solutions in Cloud-Native Architecture: A Systematic Mapping Study

Access Control Design Practice and Solutions in Cloud-Native Architecture: A Systematic Mapping Study

Security in Cloud-Native Services: A Survey

Designing a microservice architecture on the example of an automated application for the HR department

Contact Info

Product

Resources

About