Enhancing Kubernetes security: the crucial role of DevSecOps
- Authors: Darwesh G.¹, Hammoud J.¹, Vorobeva A.A.¹
- Affiliations:
  - ¹ ITMO University
- Issue: Vol. 74, No. 3 (2024)
- Pages: 78-88
- Section: Risk-Management and Security
- URL: https://journals.rcsi.science/2079-0279/article/view/293619
- DOI: https://doi.org/10.14357/20790279240309
- EDN: https://elibrary.ru/SDRKHO
- ID: 293619
Abstract
This article highlights the significance of integrating DevSecOps (Development, Security and Operations) practices into the research on detecting common attacks in Kubernetes environments. As Kubernetes gains rapid traction as a prominent container orchestration platform, the security challenges associated with containerized applications have grown in magnitude. However, traditional security methodologies often struggle to keep pace with the dynamic and fast-evolving nature of containerized environments, leaving potential vulnerabilities for malicious actors to exploit. By emphasizing the importance of DevSecOps, this article aims to underscore its role in improving the security posture of Kubernetes deployments and promoting a proactive approach to safeguarding containerized applications. The article also discusses key considerations and benefits of implementing DevSecOps in the context of Kubernetes security research.
About the authors

Ghadeer Darwesh
ITMO University
Author for correspondence.
Email: ghadeerdarwesh32@gmail.com
ORCID iD: 0000-0003-1116-9410
PhD Student
Russian Federation, Saint Petersburg

Jaafar Hammoud
ITMO University
Email: hammoudgj@gmail.com
ORCID iD: 0000-0002-2033-0838
PhD
Russian Federation, Saint Petersburg

Alisa Vorobeva
ITMO University
Email: alice_w@mail.ru
ORCID iD: 0000-0001-6691-6167
PhD, Associate Professor
Russian Federation, Saint Petersburg
