Trends for the DevOps Security : A Systematic Literature Review

Leppänen, Tiina; Honkaranta, Anne; Costin, Andrei

doi:10.1007/978-3-031-11510-3_12

dc.contributor.author	Leppänen, Tiina
dc.contributor.author	Honkaranta, Anne
dc.contributor.author	Costin, Andrei
dc.contributor.editor	Shishkov, Boris
dc.date.accessioned	2023-01-25T11:35:30Z
dc.date.available	2023-01-25T11:35:30Z
dc.date.issued	2022
dc.identifier.citation	Leppänen, T., Honkaranta, A., & Costin, A. (2022). Trends for the DevOps Security : A Systematic Literature Review. In B. Shishkov (Ed.), <i>Business Modeling and Software Design : 12th International Symposium, BMSD 2022, Fribourg, Switzerland, June 27–29, 2022, Proceedings</i> (pp. 200-217). Springer International Publishing. Lecture Notes in Business Information Processing, 453. <a href="https://doi.org/10.1007/978-3-031-11510-3_12" target="_blank">https://doi.org/10.1007/978-3-031-11510-3_12</a>
dc.identifier.other	CONVID_150981346
dc.identifier.uri	https://jyx.jyu.fi/handle/123456789/85182
dc.description.abstract	Due to technical advances, old ways for securing DevOps software development have become obsolete. Thus, researchers and practitioners need new insights into the security challenges and practices of DevOps development. This paper reviews the data extraction and analysis phase and results of a Systematic Literature Review (SLR) study that was carried out in 2019. The outcome is an updated list of security challenges and practices for DevOps software development. Both reviews shows that the most essential challenges for the DevOps security deal with the complexity of the development pipelines and the overall complexity of the cloud and microservice environments. The security activities identified were classified by using the BSIMM maturity model for software security as a framework. Our review shows that DevOps security research focuses mostly on deployment phase and technical aspects of software security. We compared the security activities identified in our study with the ones identified by the BSIMM development company in their 2020 review of 128 practitioners’ security practices and found matching practices and similar trends.	en
dc.format.extent	309
dc.format.mimetype	application/pdf
dc.language.iso	eng
dc.publisher	Springer International Publishing
dc.relation.ispartof	Business Modeling and Software Design : 12th International Symposium, BMSD 2022, Fribourg, Switzerland, June 27–29, 2022, Proceedings
dc.relation.ispartofseries	Lecture Notes in Business Information Processing
dc.rights	In Copyright
dc.subject.other	DevOps
dc.subject.other	security
dc.subject.other	systematic literature review
dc.title	Trends for the DevOps Security : A Systematic Literature Review
dc.type	conferenceObject
dc.identifier.urn	URN:NBN:fi:jyu-202301251474
dc.contributor.laitos	Informaatioteknologian tiedekunta	fi
dc.contributor.laitos	Faculty of Information Technology	en
dc.contributor.oppiaine	Tekniikka	fi
dc.contributor.oppiaine	Secure Communications Engineering and Signal Processing	fi
dc.contributor.oppiaine	Engineering	en
dc.contributor.oppiaine	Secure Communications Engineering and Signal Processing	en
dc.type.uri	http://purl.org/eprint/type/ConferencePaper
dc.relation.isbn	978-3-031-11509-7
dc.type.coar	http://purl.org/coar/resource_type/c_5794
dc.description.reviewstatus	peerReviewed
dc.format.pagerange	200-217
dc.relation.issn	1865-1348
dc.type.version	acceptedVersion
dc.rights.copyright	© 2022 Springer Nature Switzerland AG
dc.rights.accesslevel	openAccess	fi
dc.relation.conference	International Symposium on Business Modeling and Software Design
dc.subject.yso	ohjelmistokehitys
dc.subject.yso	tietoturva
dc.subject.yso	tietojärjestelmät
dc.subject.yso	systemaattiset kirjallisuuskatsaukset
dc.subject.yso	turvallisuus
dc.subject.yso	teknologinen kehitys
dc.format.content	fulltext
jyx.subject.uri	http://www.yso.fi/onto/yso/p21530
jyx.subject.uri	http://www.yso.fi/onto/yso/p5479
jyx.subject.uri	http://www.yso.fi/onto/yso/p3927
jyx.subject.uri	http://www.yso.fi/onto/yso/p29683
jyx.subject.uri	http://www.yso.fi/onto/yso/p7349
jyx.subject.uri	http://www.yso.fi/onto/yso/p8956
dc.rights.url	http://rightsstatements.org/page/InC/1.0/?language=en
dc.relation.doi	10.1007/978-3-031-11510-3_12
dc.type.okm	A4

Aineistoon kuuluvat tiedostot

Nimi:: Trends_for_the_DevOps_Security ...
Koko:: 358.7Kb
Tiedostomuoto:: PDF
Kuvaus:: acceptedVersion

Katso/Avaa

Aineisto kuuluu seuraaviin kokoelmiin

Informaatioteknologian tiedekunta [2136]

Näytä suppeat kuvailutiedot

Trends for the DevOps Security : A Systematic Literature Review

Aineistoon kuuluvat tiedostot

Aineisto kuuluu seuraaviin kokoelmiin

Samankaltainen aineisto

Artificial Intelligence for Cybersecurity : A Systematic Mapping of Literature ﻿

Reconfigurations in sustainability transitions : a systematic and critical review ﻿

A systematic literature review on employee relations with CSR : State of art and future research agenda ﻿

Etic and emic data production methods in the study of journalistic work practices : A systematic literature review ﻿

What do we do when we analyse the temporal aspects of computer-supported collaborative learning? A systematic literature review ﻿

Artificial Intelligence for Cybersecurity : A Systematic Mapping of Literature

Reconfigurations in sustainability transitions : a systematic and critical review

A systematic literature review on employee relations with CSR : State of art and future research agenda

Etic and emic data production methods in the study of journalistic work practices : A systematic literature review

What do we do when we analyse the temporal aspects of computer-supported collaborative learning? A systematic literature review