DSpace Repository

A Hierarchical Rule-Based Security Management System for Date-Intensive Applications

A Hierarchical Rule-Based Security Management System for Date-Intensive Applications

Show full item record

Title: A Hierarchical Rule-Based Security Management System for Date-Intensive Applications
Author: Rouf, Yar Akhter
Abstract: Applications in today's software development environment evolve at a rapid rate, constantly providing their users with new functionalities. As a result, it becomes increasingly complex to understand the entire application. The security team and the developers may not completely understand each others approaches, resulting in a less secure system with vulnerabilities. In addition, there is large amount of security data to be analyzed. To mitigate these issues, we propose a platform to support the SecDevOps framework, a hierarchical distributed architecture for security control that uses a Business Rules Engine (BRE). The BRE simplifies security rules by allowing the teams to write them at an operational level rather than at the network level, which requires specialized knowledge. Business rules are universally understood by the different teams, resulting in effective inter-team communication. Additionally, the platform can expand and scale with new security rules and data sources at runtime in a systematic manner.
Subject: Computer engineering
Keywords: Software security
Cloud computing
Big data
DevOps
SecDevOps
Business rules
Type: Electronic Thesis or Dissertation
Rights: Author owns copyright, except where explicitly noted. Please contact the author directly with licensing requests.
URI: http://hdl.handle.net/10315/35592
Supervisor: Litoiu, Marin
Degree: MA - Master of Arts
Program: Information Systems and Technology
Exam date: 2018-09-06
Publish on: 2018-11-21

Files in this item





This item appears in the following Collection(s)