A Systematic Literature Review on Continuous Integration and Deployment (CI/CD) for Secure Cloud Computing

• URL: http://arxiv.org/abs/2506.08055v1
• Date: Mon, 09 Jun 2025 04:21:29 GMT
• Title: A Systematic Literature Review on Continuous Integration and Deployment (CI/CD) for Secure Cloud Computing
• Authors: Sabbir M. Saleh, Nazim Madhavji, John Steinbacher,
• Abstract summary: Continuous Software Engineering is essential for software development and deployment.<n>We reviewed 66 papers, summarising tools, approaches, and challenges related to the security of CI/CD in the cloud.<n>Challenges such as image manipulation, unauthorised access, and weak authentication were highlighted.
• Score: 0.6117371161379209
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: As cloud environments become widespread, cybersecurity has emerged as a top priority across areas such as networks, communication, data privacy, response times, and availability. Various sectors, including industries, healthcare, and government, have recently faced cyberattacks targeting their computing systems. Ensuring secure app deployment in cloud environments requires substantial effort. With the growing interest in cloud security, conducting a systematic literature review (SLR) is critical to identifying research gaps. Continuous Software Engineering, which includes continuous integration (CI), delivery (CDE), and deployment (CD), is essential for software development and deployment. In our SLR, we reviewed 66 papers, summarising tools, approaches, and challenges related to the security of CI/CD in the cloud. We addressed key aspects of cloud security and CI/CD and reported on tools such as Harbor, SonarQube, and GitHub Actions. Challenges such as image manipulation, unauthorised access, and weak authentication were highlighted. The review also uncovered research gaps in how tools and practices address these security issues in CI/CD pipelines, revealing a need for further study to improve cloud-based security solutions.

Related papers

• Enabling Security on the Edge: A CHERI Compartmentalized Network Stack [42.78181795494584]
  CHERI provides strong security from the hardware level by enabling fine-grained compartmentalization and memory protection.<n>Our case study examines the trade-offs of isolating applications, TCP/IP libraries, and network drivers on a CheriBSD system deployed on the Arm Morello platform.
  arXiv  Detail & Related papers  (2025-07-07T09:37:59Z)
• CyberGym: Evaluating AI Agents' Cybersecurity Capabilities with Real-World Vulnerabilities at Scale [46.76144797837242]
  Large language model (LLM) agents are becoming increasingly skilled at handling cybersecurity tasks autonomously.<n>Existing benchmarks fall short, often failing to capture real-world scenarios or being limited in scope.<n>We introduce CyberGym, a large-scale and high-quality cybersecurity evaluation framework featuring 1,507 real-world vulnerabilities.
  arXiv  Detail & Related papers  (2025-06-03T07:35:14Z)
• Llama-3.1-FoundationAI-SecurityLLM-Base-8B Technical Report [50.268821168513654]
  We present Foundation-Sec-8B, a cybersecurity-focused large language model (LLMs) built on the Llama 3.1 architecture.<n>We evaluate it across both established and new cybersecurity benchmarks, showing that it matches Llama 3.1-70B and GPT-4o-mini in certain cybersecurity-specific tasks.<n>By releasing our model to the public, we aim to accelerate progress and adoption of AI-driven tools in both public and private cybersecurity contexts.
  arXiv  Detail & Related papers  (2025-04-28T08:41:12Z)
• Acurast: Decentralized Serverless Cloud [37.860555651161796]
  Acurast is a serverless cloud with a purpose-built orchestrator and reputation engine.<n>Developers can off-load their computations and verify cryptographically.<n>Acurast offers a modular execution layer, taking advantage of secure hardware and trusted execution environments.
  arXiv  Detail & Related papers  (2025-03-19T19:09:21Z)
• ACRIC: Securing Legacy Communication Networks via Authenticated Cyclic Redundancy Integrity Check [98.34702864029796]
  Recent security incidents in safety-critical industries exposed how the lack of proper message authentication enables attackers to inject malicious commands or alter system behavior.<n>These shortcomings have prompted new regulations that emphasize the pressing need to strengthen cybersecurity.<n>We introduce ACRIC, a message authentication solution to secure legacy industrial communications.
  arXiv  Detail & Related papers  (2024-11-21T18:26:05Z)
• Advancing Software Security and Reliability in Cloud Platforms through AI-based Anomaly Detection [0.5599792629509228]
  This research aims to enhance CI/CD pipeline security by implementing anomaly detection through AI support. The goal is to identify unusual behaviour or variations from network traffic patterns in pipeline and cloud platforms. We implemented a combination of Convolution Neural Network(CNN) and Long Short-Term Memory (LSTM) to detect unusual traffic patterns.
  arXiv  Detail & Related papers  (2024-11-14T05:45:55Z)
• Securing the Open RAN Infrastructure: Exploring Vulnerabilities in Kubernetes Deployments [60.51751612363882]
  We investigate the security implications of and software-based Open Radio Access Network (RAN) systems. We highlight the presence of potential vulnerabilities and misconfigurations in the infrastructure supporting the Near Real-Time RAN Controller (RIC) cluster.
  arXiv  Detail & Related papers  (2024-05-03T07:18:45Z)
• CloudLens: Modeling and Detecting Cloud Security Vulnerabilities [15.503757553097387]
  Cloud computing services provide scalable and cost-effective solutions for data storage, processing, and collaboration.<n>Access control misconfigurations are often the primary driver for cloud attacks.<n>A planner generates attacks to identify such vulnerabilities in the cloud.
  arXiv  Detail & Related papers  (2024-02-16T03:28:02Z)
• A Study on the Security Requirements Analysis to build a Zero Trust-based Remote Work Environment [2.1961544533969257]
  This paper proposes detailed security requirements based on the Zero Trust model and conducts security analyses of various cloud services accordingly. As a result of the security analysis, we proposed potential threats and countermeasures for cloud services with Zero Trust.
  arXiv  Detail & Related papers  (2024-01-08T05:50:20Z)
• The Security and Privacy of Mobile Edge Computing: An Artificial Intelligence Perspective [64.36680481458868]
  Mobile Edge Computing (MEC) is a new computing paradigm that enables cloud computing and information technology (IT) services to be delivered at the network's edge. This paper provides a survey of security and privacy in MEC from the perspective of Artificial Intelligence (AI) We focus on new security and privacy issues, as well as potential solutions from the viewpoints of AI.
  arXiv  Detail & Related papers  (2024-01-03T07:47:22Z)
• Software Repositories and Machine Learning Research in Cyber Security [0.0]
  The integration of robust cyber security defenses has become essential across all phases of software development. Attempts have been made to leverage topic modeling and machine learning for the detection of these early-stage vulnerabilities in the software requirements process.
  arXiv  Detail & Related papers  (2023-11-01T17:46:07Z)
• A Review of Machine Learning-based Security in Cloud Computing [5.384804060261833]
  Cloud Computing (CC) is revolutionizing the way IT resources are delivered to users, allowing them to access and manage their systems with increased cost-effectiveness and simplified infrastructure. With the growth of CC comes a host of security risks, including threats to availability, integrity, and confidentiality. Machine Learning (ML) is increasingly being used by Cloud Service Providers (CSPs) to reduce the need for human intervention in identifying and resolving security issues.
  arXiv  Detail & Related papers  (2023-09-10T01:52:23Z)
• Dos and Don'ts of Machine Learning in Computer Security [74.1816306998445]
  Despite great potential, machine learning in security is prone to subtle pitfalls that undermine its performance. We identify common pitfalls in the design, implementation, and evaluation of learning-based security systems. We propose actionable recommendations to support researchers in avoiding or mitigating the pitfalls where possible.
  arXiv  Detail & Related papers  (2020-10-19T13:09:31Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.