SecDocker: Hardening the Continuous Integration Workflow

Fernández González, David; Rodríguez Lera, Francisco Javier; Esteban, Gonzalo; Fernández Llamas, Camino

doi:10.1007/s42979-021-00939-4

Título

SecDocker: Hardening the Continuous Integration Workflow

Autor

Fernández González, David

Rodríguez Lera, Francisco Javier

Esteban, Gonzalo

Fernández Llamas, Camino

Facultad/Centro

Escuela de Ingenierias Industrial e Informatica

Área de conocimiento

Ciencias de la Computacion e Inteligencia Artificial

Título de la revista

SN Computer Science

Datos de la obra

Fernández González, D., Rodríguez Lera, F.J., Esteban, G. et al. SecDocker: Hardening the Continuous Integration Workflow. SN COMPUT. SCI. 3, 80 (2022). https://doi.org/10.1007/s42979-021-00939-4

Editor

Springer

Fecha

2022

ISSN

2662-995X

Abstract

[EN] Current Continuous Integration (CI) processes face significant intrinsic cybersecurity challenges. The idea is not only to solve and test formal or regulatory security requirements of source code but also to adhere to the same principles to the CI pipeline itself. This paper presents an overview of current security issues in CI workflow. It designs, develops, and deploys a new tool for the secure deployment of a container-based CI pipeline flow without slowing down release cycles. The tool, called SecDocker for its Docker-based approach, is publicly available in GitHub. It implements a transparent application f irewall based on a configuration mechanism avoiding issues in the CI workflow associated with intended or unintended container configurations. Integrated with other DevOps Engineers tools, it provides feedback from only those scenarios that match specific patterns, addressing future container security issues.

Materia

Informática
Ingeniería de sistemas

Palabras clave

Peer review

URI

http://hdl.handle.net/10612/14043

DOI

10.1007/s42979-021-00939-4

Versión del editor

https://link.springer.com/article/10.1007/s42979-021-00939-4

Collections