
Detecção de smells em políticas de segurança para plataformas cloud ; Detection of smells in security policies for cloud platforms

  • Additional information
    • Contributors:
      Scannavino, Katia Romero Felizardo; orcid:0000-0001-9080-4165; http://lattes.cnpq.br/3546986594133608; Endo, Andre Takeshi; http://lattes.cnpq.br/4221336619791961; Souza, Erica Ferreira de; http://lattes.cnpq.br/8904855809524041; Pereira, Roberto; http://lattes.cnpq.br/8193977956382984; Watanabe, Willian Massami; http://lattes.cnpq.br/8946276875418151
    • Publication information:
      Universidade Tecnológica Federal do Paraná
      Cornelio Procopio
      Brasil
      Programa de Pós-Graduação em Informática
      UTFPR
    • Subject:
      2023
    • Collection:
      Universidade Tecnológica Federal do Paraná (UTFPR): Repositório Institucional (RIUT)
    • Abstract:
      Background: With the increasing demand for cloud computing, security concerns are increasingly present. In order to centralize access and security management, cloud computing providers implement the Security-as-a-service model, which represents security offered as a cloud service. A code smell is a signal that normally corresponds to a problem in the system, although not necessarily. In cases of excess privileges, the application may be exposed, with security risks and, if the user has fewer privileges than necessary, the application will malfunction. Detecting smells in security policies for cloud platforms implies checking whether there are excesses or absences of user privileges. Objective: The objective of this work was to develop a static code analysis tool that identifies security smells in security policies for cloud applications. With the tool, it was possible to map necessary permissions and compare with permissions granted to the programmatic IAM user, which is the user assigned to the application in the production environment, so that it has access to cloud resources and services; providing a report of excess and/or lack of privileges. For this work, the Amazon AWS provider was chosen, as it is the most widely used platform. Method: Initially, a survey of smells was carried out in answers to questions regarding permissions of programmatic users in a cloud environment, in the StackOverflow forum. Subsequently, a mapping was conducted in order to identify AWS SDK methods and APIs that relate to security and access policies. With the support of this mapping, a tool was developed and, with information provided by the developer, produced reports with security smells. Finally, an experimental evaluation was conducted and the approach and tool were evaluated in open source applications. 
      Conclusions: The proposed approach proved to be promising, being able to identify smells both in open source projects, via source code analysis, and in the programmatic IAM user of the cloud available for testing. It was ...
    • File Description:
      application/pdf
    • Relation:
      DEIZEPE, Anderson Roberto. Detecção de smells em políticas de segurança para plataformas cloud. 2023. Dissertação (Mestrado em Informática) - Universidade Tecnológica Federal do Paraná, Cornélio Procópio, 2023.; http://repositorio.utfpr.edu.br/jspui/handle/1/32488
    • Rights:
      openAccess
    • Accession number:
      edsbas.4B7A0C8C