Logo Politecnico di Torino
ITEN
WebThesis

Policy as Code, how to automate cloud compliance verification with open-source tools

Mattia Caracciolo

Policy as Code, how to automate cloud compliance verification with open-source tools.

Rel. Riccardo Sisto. Politecnico di Torino, Corso di laurea magistrale in Ingegneria Informatica (Computer Engineering), 2023

[thumbnail of Tesi_di_laurea]
Preview
 PDF (Tesi_di_laurea) - Tesi
Licenza: Creative Commons Attribution Non-commercial No Derivatives.
Download (2MB) | Preview

Abstract

Container infrastructures, along with the use of the cloud, represent a new paradigm of application development and release that has become widespread in recent years. Although, on the one hand, such infrastructures bring benefits in scalability, management, and application compatibility, on the other hand, they are not to be considered "secure-by-default." Security enforcement in these environments is a complex task if approached with the "old" methodologies. Technologies are therefore evolving, and a new approach was born: "Policy as Code." This approach allows to abstract security policies into code that can then be executed to automate compliance verification of cloud applications and infrastructure.

Furthermore, it permits the management of policies as normal source code, enabling the implementation of all proven software development best practices such as version control, automated testing, and automated deployment

Relatori

Riccardo Sisto

Anno Accademico

2022/23

Tipo di pubblicazione

Elettronica

Numero di pagine

118

Corso di laurea

Corso di laurea magistrale in Ingegneria Informatica (Computer Engineering)

Classe di laurea

Nuovo ordinamento > Laurea magistrale > LM-32 - INGEGNERIA INFORMATICA

Aziende collaboratrici

Blue Reply Srl

URI

https://webthesis.biblio.polito.it/id/eprint/26908
Modifica (riservato agli operatori) Modifica (riservato agli operatori)
Logo Politecnico di Torino