Root-Of-Trust for Continuous Integration and Continuous Deployment Pipeline in Cloud Computing
Cloud computing has gained significant use over the last decade due to its several benefits, including cost savings associated with setup, deployments, delivery, physical resource sharing across virtual machines, and availability of on-demand cloud services. However, in addition to usual threats in...
Saved in:
| Main Authors: | , , , , , , |
|---|---|
| Format: | Article |
| Published: |
Tech Science Press
2022
|
| Online Access: | https://www.scopus.com/inward/record.uri?eid=2-s2.0-85132971242&doi=10.32604%2fcmc.2022.028382&partnerID=40&md5=3ca88c71838abfb817c578d6d57479ad http://eprints.utp.edu.my/33402/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| id |
my.utp.eprints.33402 |
|---|---|
| record_format |
eprints |
| spelling |
my.utp.eprints.334022022-07-26T08:46:05Z Root-Of-Trust for Continuous Integration and Continuous Deployment Pipeline in Cloud Computing Saboor, A. Hassan, M.F. Akbar, R. Susanto, E. Shah, S.N.M. Siddiqui, M.A. Magsi, S.A. Cloud computing has gained significant use over the last decade due to its several benefits, including cost savings associated with setup, deployments, delivery, physical resource sharing across virtual machines, and availability of on-demand cloud services. However, in addition to usual threats in almost every computing environment, cloud computing has also introduced a set of new threats as consumers share physical resources due to the physical co-location paradigm. Furthermore, since there are a growing number of attacks directed at cloud environments (including dictionary attacks, replay code attacks, denial of service attacks, rootkit attacks, code injection attacks, etc.), customers require additional assurances before adopting cloud services. Moreover, the continuous integration and continuous deployment of the code fragments have made cloud services more prone to security breaches. In this study, the model based on the root of trust for continuous integration and continuous deployment is proposed, instead of only relying on a single sign-on authentication method that typically uses only id and password. The underlying study opted hardware security module by utilizing the Trusted Platform Module (TPM), which is commonly available as a cryptoprocessor on the motherboards of the personal computers and data center servers. The preliminary proof of concept demonstrated that the TPM features can be utilized through RESTful services to establish the root of trust for continuous integration and continuous deployment pipeline and can additionally be integrated as a secure microservice feature in the cloud computing environment. © 2022 Tech Science Press. All rights reserved. Tech Science Press 2022 Article NonPeerReviewed https://www.scopus.com/inward/record.uri?eid=2-s2.0-85132971242&doi=10.32604%2fcmc.2022.028382&partnerID=40&md5=3ca88c71838abfb817c578d6d57479ad Saboor, A. and Hassan, M.F. and Akbar, R. and Susanto, E. and Shah, S.N.M. and Siddiqui, M.A. and Magsi, S.A. (2022) Root-Of-Trust for Continuous Integration and Continuous Deployment Pipeline in Cloud Computing. Computers, Materials and Continua, 73 (2). pp. 2223-2239. http://eprints.utp.edu.my/33402/ |
| institution |
Universiti Teknologi Petronas |
| building |
UTP Resource Centre |
| collection |
Institutional Repository |
| continent |
Asia |
| country |
Malaysia |
| content_provider |
Universiti Teknologi Petronas |
| content_source |
UTP Institutional Repository |
| url_provider |
http://eprints.utp.edu.my/ |
| description |
Cloud computing has gained significant use over the last decade due to its several benefits, including cost savings associated with setup, deployments, delivery, physical resource sharing across virtual machines, and availability of on-demand cloud services. However, in addition to usual threats in almost every computing environment, cloud computing has also introduced a set of new threats as consumers share physical resources due to the physical co-location paradigm. Furthermore, since there are a growing number of attacks directed at cloud environments (including dictionary attacks, replay code attacks, denial of service attacks, rootkit attacks, code injection attacks, etc.), customers require additional assurances before adopting cloud services. Moreover, the continuous integration and continuous deployment of the code fragments have made cloud services more prone to security breaches. In this study, the model based on the root of trust for continuous integration and continuous deployment is proposed, instead of only relying on a single sign-on authentication method that typically uses only id and password. The underlying study opted hardware security module by utilizing the Trusted Platform Module (TPM), which is commonly available as a cryptoprocessor on the motherboards of the personal computers and data center servers. The preliminary proof of concept demonstrated that the TPM features can be utilized through RESTful services to establish the root of trust for continuous integration and continuous deployment pipeline and can additionally be integrated as a secure microservice feature in the cloud computing environment. © 2022 Tech Science Press. All rights reserved. |
| format |
Article |
| author |
Saboor, A. Hassan, M.F. Akbar, R. Susanto, E. Shah, S.N.M. Siddiqui, M.A. Magsi, S.A. |
| spellingShingle |
Saboor, A. Hassan, M.F. Akbar, R. Susanto, E. Shah, S.N.M. Siddiqui, M.A. Magsi, S.A. Root-Of-Trust for Continuous Integration and Continuous Deployment Pipeline in Cloud Computing |
| author_facet |
Saboor, A. Hassan, M.F. Akbar, R. Susanto, E. Shah, S.N.M. Siddiqui, M.A. Magsi, S.A. |
| author_sort |
Saboor, A. |
| title |
Root-Of-Trust for Continuous Integration and Continuous Deployment Pipeline in Cloud Computing |
| title_short |
Root-Of-Trust for Continuous Integration and Continuous Deployment Pipeline in Cloud Computing |
| title_full |
Root-Of-Trust for Continuous Integration and Continuous Deployment Pipeline in Cloud Computing |
| title_fullStr |
Root-Of-Trust for Continuous Integration and Continuous Deployment Pipeline in Cloud Computing |
| title_full_unstemmed |
Root-Of-Trust for Continuous Integration and Continuous Deployment Pipeline in Cloud Computing |
| title_sort |
root-of-trust for continuous integration and continuous deployment pipeline in cloud computing |
| publisher |
Tech Science Press |
| publishDate |
2022 |
| url |
https://www.scopus.com/inward/record.uri?eid=2-s2.0-85132971242&doi=10.32604%2fcmc.2022.028382&partnerID=40&md5=3ca88c71838abfb817c578d6d57479ad http://eprints.utp.edu.my/33402/ |
| _version_ |
1739833217261764608 |
| score |
13.211869 |