Developing Dependable and Secure Cloud Applications

Select |




Print


Weber, Ingo; Nepal, Surya; Zhu, Liming

Weber, Ingo; Nepal, Surya; Zhu, Liming


2016-05-01


Journal Article


IEEE Internet Computing


20


3


74-79


An ever-growing share of applications are provided as SaaS solutions on the basis of public cloud services, such as IaaS or PaaS offerings. Cloud services and the ability to manage and control them programmatically through APIs enabled the rise of continuous deployment and DevOps. DevOps, the abbreviated combination of "development" and "operations", has been defined as "a set of practices intended to reduce the time between committing a change to a system and the change being placed into normal production, while ensuring high quality" [1]. This methodology is rapidly progressing towards mainstream adoption [2], as it allows to deliver new functionality to end users fast and often increasing quality along the way. However, achieving security (confidentiality, integrity and availability) and dependability (availability, reliability, safety, integrity and maintainability) when developing applications in the context of cloud services and DevOps offers a separate set of challenges. For instance, DevOps typically includes implementing a continuous deployment pipeline (CDP), which automatically tests and deploys new versions of the software. This CDP needs to be secured and checked for errors - else it could spread malicious or erroneous code to all servers, thus easily multiplying any problems by orders of magnitude. Trying to achieve full automation in testing and deployment also puts additional challenges on security and dependability, including requiring better practices around quick recovery, rollback, and resilience. In this article, we broadly discuss the challenges by analysing the security and dependability challenges for all phases of the software development and data security life cycles of SaaS solutions. We also provide an overview of our research and development that aims to alleviate some of the pain points.


Cloud; Dependability; Security; DevOps


English


nicta:9148


Weber, Ingo; Nepal, Surya; Zhu, Liming. Developing Dependable and Secure Cloud Applications. IEEE Internet Computing. 2016-05-01; 20(3):74-79.



Loading citation data...

Citation counts
(Requires subscription to view)