A Hierarchical Rule-Based Security Management System for Date-Intensive Applications
dc.contributor.advisor | Litoiu, Marin | |
dc.creator | Rouf, Yar Akhter | |
dc.date.accessioned | 2018-11-21T13:57:39Z | |
dc.date.available | 2018-11-21T13:57:39Z | |
dc.date.copyright | 2018-09-06 | |
dc.date.issued | 2018-11-21 | |
dc.date.updated | 2018-11-21T13:57:38Z | |
dc.degree.discipline | Information Systems and Technology | |
dc.degree.level | Master's | |
dc.degree.name | MA - Master of Arts | |
dc.description.abstract | Applications in today's software development environment evolve at a rapid rate, constantly providing their users with new functionalities. As a result, it becomes increasingly complex to understand the entire application. The security team and the developers may not completely understand each others approaches, resulting in a less secure system with vulnerabilities. In addition, there is large amount of security data to be analyzed. To mitigate these issues, we propose a platform to support the SecDevOps framework, a hierarchical distributed architecture for security control that uses a Business Rules Engine (BRE). The BRE simplifies security rules by allowing the teams to write them at an operational level rather than at the network level, which requires specialized knowledge. Business rules are universally understood by the different teams, resulting in effective inter-team communication. Additionally, the platform can expand and scale with new security rules and data sources at runtime in a systematic manner. | |
dc.identifier.uri | http://hdl.handle.net/10315/35592 | |
dc.language.iso | en | |
dc.rights | Author owns copyright, except where explicitly noted. Please contact the author directly with licensing requests. | |
dc.subject | Computer engineering | |
dc.subject.keywords | Software security | |
dc.subject.keywords | Cloud computing | |
dc.subject.keywords | Big data | |
dc.subject.keywords | DevOps | |
dc.subject.keywords | SecDevOps | |
dc.subject.keywords | Business rules | |
dc.title | A Hierarchical Rule-Based Security Management System for Date-Intensive Applications | |
dc.type | Electronic Thesis or Dissertation |