<p>End-to-end applications (<i>E2E-Apps</i>) are essential for secure and seamless data exchange in scenarios like cloud-based data sharing and decentralized environments. However, they face challenges adapting to changing requirements, integrating security, computing, and storage services, and managing resources effectively in dynamic environments. This paper introduces <i>CIATfunc</i>, a framework for composing <i>Secure End-to-End applications </i>(<i>SecE2E-Apps</i>) by addressing these challenges through the combination of <i>Policy-as-Code</i> for defining high-level security requirements with <i>Infrastructure-as-Code</i> for automating resource provisioning and management. This integration ensures secure, scalable, and efficient workflows tailored to specific needs. The <i>CIATfunc</i> framework was validated through a controlled evaluation and a case study involving the secure exchange of tomographic imagery between valid users and registering transactions in a blockchain (<i>BC</i>). Results demonstrated its capability to build customized and traceable <i>SecE2E-Apps</i> while significantly improving performance through parallel execution of security tasks and efficient resource management.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

CIATfunc: a frame-based serverless framework for composing secure end-to-end applications

  • Ignacio Castillo-Barrios,
  • Ricardo A. Ibarra-Garcia,
  • Jose Luis Gonzalez-Compean,
  • Arturo Diaz-Perez,
  • Ivan Lopez-Arevalo,
  • Miguel Morales-Sandoval,
  • Jose Juan Garcia-Hernandez,
  • Heriberto Aguirre Meneses,
  • Marco Antonio Núñez Gaona

摘要

End-to-end applications (E2E-Apps) are essential for secure and seamless data exchange in scenarios like cloud-based data sharing and decentralized environments. However, they face challenges adapting to changing requirements, integrating security, computing, and storage services, and managing resources effectively in dynamic environments. This paper introduces CIATfunc, a framework for composing Secure End-to-End applications (SecE2E-Apps) by addressing these challenges through the combination of Policy-as-Code for defining high-level security requirements with Infrastructure-as-Code for automating resource provisioning and management. This integration ensures secure, scalable, and efficient workflows tailored to specific needs. The CIATfunc framework was validated through a controlled evaluation and a case study involving the secure exchange of tomographic imagery between valid users and registering transactions in a blockchain (BC). Results demonstrated its capability to build customized and traceable SecE2E-Apps while significantly improving performance through parallel execution of security tasks and efficient resource management.