Mostrar el registro sencillo del ítem
dc.contributor | Escuela de Ingenierias Industrial e Informatica | es_ES |
dc.contributor.author | Fernández González, David | |
dc.contributor.author | Rodríguez Lera, Francisco Javier | |
dc.contributor.author | Esteban, Gonzalo | |
dc.contributor.author | Fernández Llamas, Camino | |
dc.contributor.other | Ciencias de la Computacion e Inteligencia Artificial | es_ES |
dc.date | 2022 | |
dc.date.accessioned | 2022-02-28T12:52:41Z | |
dc.date.available | 2022-02-28T12:52:41Z | |
dc.identifier.citation | Fernández González, D., Rodríguez Lera, F.J., Esteban, G. et al. SecDocker: Hardening the Continuous Integration Workflow. SN COMPUT. SCI. 3, 80 (2022). https://doi.org/10.1007/s42979-021-00939-4 | |
dc.identifier.issn | 2662-995X | |
dc.identifier.other | https://link.springer.com/article/10.1007/s42979-021-00939-4 | |
dc.identifier.uri | http://hdl.handle.net/10612/14043 | |
dc.description | 1-13 p. | es_ES |
dc.description.abstract | [EN] Current Continuous Integration (CI) processes face significant intrinsic cybersecurity challenges. The idea is not only to solve and test formal or regulatory security requirements of source code but also to adhere to the same principles to the CI pipeline itself. This paper presents an overview of current security issues in CI workflow. It designs, develops, and deploys a new tool for the secure deployment of a container-based CI pipeline flow without slowing down release cycles. The tool, called SecDocker for its Docker-based approach, is publicly available in GitHub. It implements a transparent application f irewall based on a configuration mechanism avoiding issues in the CI workflow associated with intended or unintended container configurations. Integrated with other DevOps Engineers tools, it provides feedback from only those scenarios that match specific patterns, addressing future container security issues. | es_ES |
dc.language | eng | es_ES |
dc.publisher | Springer | es_ES |
dc.rights | Attribution-NonCommercial-NoDerivatives 4.0 Internacional | * |
dc.rights | Attribution-NonCommercial-NoDerivatives 4.0 Internacional | * |
dc.rights | Attribution 4.0 International | * |
dc.rights.uri | https://creativecommons.org/licenses/by/4.0/ | * |
dc.subject | Informática | es_ES |
dc.subject | Ingeniería de sistemas | es_ES |
dc.subject.other | Containerization | es_ES |
dc.subject.other | Continuous integration | |
dc.subject.other | Docker | |
dc.title | SecDocker: Hardening the Continuous Integration Workflow | es_ES |
dc.type | info:eu-repo/semantics/article | es_ES |
dc.identifier.doi | 10.1007/s42979-021-00939-4 | |
dc.description.peerreviewed | SI | es_ES |
dc.relation.projectID | ||
dc.rights.accessRights | info:eu-repo/semantics/openAccess | es_ES |
dc.identifier.essn | 2661-8907 | |
dc.journal.title | SN Computer Science | es_ES |
dc.volume.number | 3 | es_ES |
dc.page.initial | 1 | es_ES |
dc.page.final | 13 | es_ES |
dc.type.hasVersion | info:eu-repo/semantics/draft | es_ES |
dc.description.other | https://link.springer.com/article/10.1007/s42979-021-00939-4 | es_ES |
dc.description.project | Publicación en abierto financiada por el Consorcio de Bibliotecas Universitarias de Castilla y León (BUCLE), con cargo al Programa Operativo 2014ES16RFOP009 FEDER 2014-2020 DE CASTILLA Y LEÓN, Actuación:20007-CL - Apoyo Consorcio BUCLE |
Ficheros en el ítem
Este ítem aparece en la(s) siguiente(s) colección(ones)
-
Artículos [4217]