Scribd
Upload
10 views2 pages

Relatedworks

Software engineering

Uploaded by

Abdulhadi Ahmad
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
10 views2 pages

Relatedworks

Software engineering

Uploaded by

Abdulhadi Ahmad
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 2

Related Works

Daniel Richter et al.'s Security Considerations for Microservice Architectures


[2] explores the layered complexities introduced by microservice-based
systems, focusing on cloud environments. The work highlights the role of
architectural decisions in securing communication between components and
mitigating risks in deployment technologies such as Docker and Kubernetes.
While the study emphasizes early integration of security measures in
architectural design, it points out how far short current practice falls from
addressing advanced threat vectors that arise from scaling distributed systems.
The application domain includes all those organizations transitioning to
microservices for agility and scalability, with security challenges.
Evangelos Ntentos et al. give an insight into how to improve security in IaC
practices in their work, On the Understandability of Design-Level Security
Practices in Infrastructure-as-Code Scripts and Deployment Architectures [4].
This approach focuses on the utilization of semi-formal models and metrics that
assess design-level security, including but not limited to observability, traffic
control, and secure authentication methods. This work also demonstrates how
architectural decisions in IaC environments have a direct consequence on the
system's resilience and compliance with security best practices. Its application
domain includes organizations using IaC tools like Terraform and Ansible in
order to automate infrastructure provisioning securely.
Integrated Checklist for Architecture Design of Critical Software Systems [3] In
this paper, the authors introduce an integrated checklist that guides an architect
in designing secure critical systems. The checklist operates across many
domains, including healthcare and energy, and across various phases of
prevention, detection, containment, recovery, and post-incident analysis. By
placing strong emphasis on the built-in mechanisms for threat handling during
the design phase, the work underlines the role of proactive architectural
strategies in improving system dependability. The application domain is critical
infrastructures where robust security and reliability are paramount.
Lastly, the literature, Essential Activities for Secure Software Development, by
Mamdouh Alenezi and Sadiq Almuairfi [1], studies basic activities involved in
developing secure software systems. Emphasis was made on focusing on
embedding security principles through the whole SDLC process. More
emphasis is paid to the embedding of security during the design of the software;
this will attain confidentiality, integrity, availability, and non-repudiation. Key
concepts introduced in this research include attack surface reduction,
establishment of secure perimeters, and application of defense-in-depth
strategies. In addition, the research covers risk management through threat
modeling, design guidelines, and secure testing practices. The study provides an
overview of best practices and models such as Microsoft SDL and DevSecOps;
it also describes challenges with regard to evolving threat landscapes and costs
of implementing robust security. The application domain is very wide, with
recommendations for increasing the security of software systems throughout
their life cycles.

You might also like