Open Access iconOpen Access

ARTICLE

Root-Of-Trust for Continuous Integration and Continuous Deployment Pipeline in Cloud Computing

by Abdul Saboor1,*, Mohd Fadzil Hassan2, Rehan Akbar1, Erwin Susanto3, Syed Nasir Mehmood Shah4, Muhammad Aadil Siddiqui5, Saeed Ahmed Magsi5

1 High-Performance Cloud Computing Centre (HPC3), Department of Computer & Information Sciences, Universiti Teknologi PETRONAS, Seri Iskandar, Perak, Malaysia
2 Centre for Research in Data Science (CeRDaS), Department of Computer & Information Sciences, Universiti Teknologi PETRONAS, Seri Iskandar, Perak, Malaysia
3 School of Electrical Engineering, Telkom University, Bandung, Indonesia
4 KICSIT, Institute of Space Technology (IST), Islamabad, Pakistan
5 Department of Electrical and Electronics Engineering, Universiti Teknologi PETRONAS, Seri Iskandar, Perak, Malaysia

* Corresponding Author: Abdul Saboor. Email: email

Computers, Materials & Continua 2022, 73(2), 2223-2239. https://doi.org/10.32604/cmc.2022.028382

Abstract

Cloud computing has gained significant use over the last decade due to its several benefits, including cost savings associated with setup, deployments, delivery, physical resource sharing across virtual machines, and availability of on-demand cloud services. However, in addition to usual threats in almost every computing environment, cloud computing has also introduced a set of new threats as consumers share physical resources due to the physical co-location paradigm. Furthermore, since there are a growing number of attacks directed at cloud environments (including dictionary attacks, replay code attacks, denial of service attacks, rootkit attacks, code injection attacks, etc.), customers require additional assurances before adopting cloud services. Moreover, the continuous integration and continuous deployment of the code fragments have made cloud services more prone to security breaches. In this study, the model based on the root of trust for continuous integration and continuous deployment is proposed, instead of only relying on a single sign-on authentication method that typically uses only id and password. The underlying study opted hardware security module by utilizing the Trusted Platform Module (TPM), which is commonly available as a cryptoprocessor on the motherboards of the personal computers and data center servers. The preliminary proof of concept demonstrated that the TPM features can be utilized through RESTful services to establish the root of trust for continuous integration and continuous deployment pipeline and can additionally be integrated as a secure microservice feature in the cloud computing environment.

Keywords


Cite This Article

APA Style
Saboor, A., Hassan, M.F., Akbar, R., Susanto, E., Shah, S.N.M. et al. (2022). Root-of-trust for continuous integration and continuous deployment pipeline in cloud computing. Computers, Materials & Continua, 73(2), 2223-2239. https://doi.org/10.32604/cmc.2022.028382
Vancouver Style
Saboor A, Hassan MF, Akbar R, Susanto E, Shah SNM, Siddiqui MA, et al. Root-of-trust for continuous integration and continuous deployment pipeline in cloud computing. Comput Mater Contin. 2022;73(2):2223-2239 https://doi.org/10.32604/cmc.2022.028382
IEEE Style
A. Saboor et al., “Root-Of-Trust for Continuous Integration and Continuous Deployment Pipeline in Cloud Computing,” Comput. Mater. Contin., vol. 73, no. 2, pp. 2223-2239, 2022. https://doi.org/10.32604/cmc.2022.028382



cc Copyright © 2022 The Author(s). Published by Tech Science Press.
This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
  • 1897

    View

  • 995

    Download

  • 0

    Like

Share Link