Towards a Blockchain-Based CI/CD Framework to Enhance Security in Cloud Environments
- URL: http://arxiv.org/abs/2510.16087v1
- Date: Fri, 17 Oct 2025 15:41:40 GMT
- Title: Towards a Blockchain-Based CI/CD Framework to Enhance Security in Cloud Environments
- Authors: Sabbir M Saleh, Nazim Madhavji, John Steinbacher
- Abstract summary: This research focuses on security issues within Continuous Integration and Deployment (CI/CD) pipelines in a cloud platform as a reaction to recent cyber breaches. This research proposes a blockchain-based solution to enhance CI/CD pipeline security.
- Score: 0.1784233255402269
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: Security is becoming a pivotal point in cloud platforms. Several divisions, such as business organisations, health care, government, etc., have experienced cyber-attacks on their infrastructures. This research focuses on security issues within Continuous Integration and Deployment (CI/CD) pipelines in a cloud platform as a reaction to recent cyber breaches. This research proposes a blockchain-based solution to enhance CI/CD pipeline security. This research aims to develop a framework that leverages blockchain's distributed ledger technology and tamper-resistant features to improve CI/CD pipeline security. The goal is to emphasise secure software deployment by integrating threat modelling frameworks and adherence to coding standards. It also aims to employ tools to automate security testing to detect publicly disclosed vulnerabilities and flaws, such as an outdated version of Java Spring Framework, a JavaScript library from an unverified source, or a database library that allows SQL injection attacks in the deployed software through the framework.
Related papers
- Framework for Integrating Zero Trust in Cloud-Based Endpoint Security for Critical Infrastructure [0.0]
Zero Trust Architecture (ZTA) treats every access request as new and assumes no implicit trust. This paper proposes a comprehensive framework for integrating tailored ZTA into organizations that manage sensitive operations.
arXiv Detail & Related papers (2026-02-09T17:15:57Z)
- ORCA -- An Automated Threat Analysis Pipeline for O-RAN Continuous Development [57.61878484176942]
Open-Radio Access Network (O-RAN) integrates numerous software components in a cloud-like deployment, opening the radio access network to previously unconsidered security threats. Current vulnerability assessment practices often rely on manual, labor-intensive, and subjective investigations, leading to inconsistencies in the threat analysis. We propose an automated pipeline that leverages Natural Language Processing (NLP) to minimize human intervention and associated biases.
arXiv Detail & Related papers (2026-01-20T07:31:59Z)
- Functional Encryption in Secure Neural Network Training: Data Leakage and Practical Mitigations [45.88028371034407]
We present an attack on neural networks that uses Functional Encryption (FE) for secure training over encrypted data. One approach ensures security without relying on encryption, while the other uses function-hiding inner-product techniques.
arXiv Detail & Related papers (2025-09-25T19:56:05Z)
- Markov Chain-based Model of Blockchain Radio Access Networks [65.59619477031194]
One wireless access approach that has captured attention is blockchain enabled RAN (B-RAN). This research introduces a framework that integrates blockchain technology into RAN while also addressing the limitations of state-of-the-art models. Results demonstrate reduced latency and comparable security making the presented framework suitable for diverse application scenarios.
arXiv Detail & Related papers (2025-08-20T08:28:30Z)
- CyFence: Securing Cyber-Physical Controllers via Trusted Execution Environment [45.86654759872101]
Cyber-physical systems (CPSs) have experienced a significant technological evolution and increased connectivity, at the cost of greater exposure to cyber-attacks. We propose CyFence, a novel architecture that improves the resilience of closed-loop control systems against cyber-attacks by adding a semantic check. We evaluate CyFence considering a real-world application, consisting of an active braking digital controller, demonstrating that it can mitigate different types of attacks with a negligible overhead.
arXiv Detail & Related papers (2025-06-12T12:22:45Z)
- A Systematic Literature Review on Continuous Integration and Deployment (CI/CD) for Secure Cloud Computing [0.6117371161379209]
Continuous Software Engineering is essential for software development and deployment. We reviewed 66 papers, summarising tools, approaches, and challenges related to the security of CI/CD in the cloud. Challenges such as image manipulation, unauthorised access, and weak authentication were highlighted.
arXiv Detail & Related papers (2025-06-09T04:21:29Z)
- Enhancing Software Supply Chain Security Through STRIDE-Based Threat Modelling of CI/CD Pipelines [1.3535770763481907]
This study applies a structured threat modeling approach to identify and mitigate risks throughout the Continuous Integration/Continuous Deployment lifecycle. Threats are documented and to comprehensive security controls drawn from standards like NIST SP 800-218, Top 10 CI/CD risks, and the SLSA framework. This approach provides a pragmatic roadmap for enhancing CI/CD pipeline security against evolving software supply chain threats.
arXiv Detail & Related papers (2025-06-06T19:06:59Z)
- ACRIC: Securing Legacy Communication Networks via Authenticated Cyclic Redundancy Integrity Check [98.34702864029796]
Recent security incidents in safety-critical industries exposed how the lack of proper message authentication enables attackers to inject malicious commands or alter system behavior. These shortcomings have prompted new regulations that emphasize the pressing need to strengthen cybersecurity. We introduce ACRIC, a message authentication solution to secure legacy industrial communications.
arXiv Detail & Related papers (2024-11-21T18:26:05Z)
- Advancing Software Security and Reliability in Cloud Platforms through AI-based Anomaly Detection [0.5599792629509228]
This research aims to enhance CI/CD pipeline security by implementing anomaly detection through AI support.
The goal is to identify unusual behaviour or variations from network traffic patterns in pipeline and cloud platforms.
We implemented a combination of Convolution Neural Network (CNN) and Long Short-Term Memory (LSTM) to detect unusual traffic patterns.
arXiv Detail & Related papers (2024-11-14T05:45:55Z)
- Securing the Open RAN Infrastructure: Exploring Vulnerabilities in Kubernetes Deployments [60.51751612363882]
We investigate the security implications of and software-based Open Radio Access Network (RAN) systems.
We highlight the presence of potential vulnerabilities and misconfigurations in the infrastructure supporting the Near Real-Time RAN Controller (RIC) cluster.
arXiv Detail & Related papers (2024-05-03T07:18:45Z)
- Enhancing Trust and Privacy in Distributed Networks: A Comprehensive Survey on Blockchain-based Federated Learning [51.13534069758711]
Decentralized approaches like blockchain offer a compelling solution by implementing a consensus mechanism among multiple entities.
Federated Learning (FL) enables participants to collaboratively train models while safeguarding data privacy.
This paper investigates the synergy between blockchain's security features and FL's privacy-preserving model training capabilities.
arXiv Detail & Related papers (2024-03-28T07:08:26Z)
- Security and Privacy Enhancing in Blockchain-based IoT Environments via Anonym Auditing [0.0]
We propose a novel framework that combines the decentralized nature of blockchain with advanced security protocols tailored for IoT contexts.
We outline the architecture of blockchain in IoT environments, emphasizing the workflow and specific security mechanisms employed.
We introduce a security protocol that integrates privacy-enhancing tools and anonymous auditing methods, including the use of advanced cryptographic techniques for anonymity.
arXiv Detail & Related papers (2024-03-03T01:09:43Z)
- CloudLens: Modeling and Detecting Cloud Security Vulnerabilities [15.503757553097387]
Cloud computing services provide scalable and cost-effective solutions for data storage, processing, and collaboration. Access control misconfigurations are often the primary driver for cloud attacks. A planner generates attacks to identify such vulnerabilities in the cloud.
arXiv Detail & Related papers (2024-02-16T03:28:02Z)
- Generative AI-enabled Blockchain Networks: Fundamentals, Applications, and Case Study [73.87110604150315]
Generative Artificial Intelligence (GAI) has emerged as a promising solution to address challenges of blockchain technology.
In this paper, we first introduce GAI techniques, outline their applications, and discuss existing solutions for integrating GAI into blockchains.
arXiv Detail & Related papers (2024-01-28T10:46:17Z)
This list is automatically generated from the titles and abstracts of the papers in this site.