Logo Politecnico di Torino
ENIT
WebThesis

Policy as Code, how to automate cloud compliance verification with open-source tools

Mattia Caracciolo

Policy as Code, how to automate cloud compliance verification with open-source tools.

Rel. Riccardo Sisto. Politecnico di Torino, Master of science program in Computer Engineering, 2023

[thumbnail of Tesi_di_laurea]
Preview
 PDF (Tesi_di_laurea) - Thesis
Licence: Creative Commons Attribution Non-commercial No Derivatives.
Download (2MB) | Preview

Abstract

Container infrastructures, along with the use of the cloud, represent a new paradigm of application development and release that has become widespread in recent years. Although, on the one hand, such infrastructures bring benefits in scalability, management, and application compatibility, on the other hand, they are not to be considered "secure-by-default." Security enforcement in these environments is a complex task if approached with the "old" methodologies. Technologies are therefore evolving, and a new approach was born: "Policy as Code." This approach allows to abstract security policies into code that can then be executed to automate compliance verification of cloud applications and infrastructure.

Furthermore, it permits the management of policies as normal source code, enabling the implementation of all proven software development best practices such as version control, automated testing, and automated deployment

Relators

Riccardo Sisto

Academic year

2022/23

Publication type

Electronic

Number of Pages

118

Course of studies

Master of science program in Computer Engineering

Classe di laurea

New organization > Master science > LM-32 - COMPUTER SYSTEMS ENGINEERING

Aziende collaboratrici

Blue Reply Srl

URI

https://webthesis.biblio.polito.it/id/eprint/26908
Modify record (reserved for operators) Modify record (reserved for operators)
Logo Politecnico di Torino