EnglishSvenskaNorsk
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Introducing model-based tool support for applying zero-trust security for microservices at a bank
Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.ORCID iD: 0000-0003-3712-7454
Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.ORCID iD: 0000-0003-3290-2597
Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.ORCID iD: 0000-0001-9044-5836
2024 (English)In: BIR-WS 2024, BIR 2024 Workshops and Doctoral Consortium / [ed] Ana-Maria Ghiran; Anne Gutschmidt; Ulf Seigerroth; Kurt Sandkuhl; Marite Kirikova; Peter Forbrig; Charles Møller; Robert Andrei Buchmann; Emanuele Laurenzi; Björn Johansson; Filip Vencovský, 2024, p. 180-188Conference paper, Published paper (Refereed)
Abstract [en]

Zero-trust security involves designing, coding, and deploying applications, assuming that threats may exist both inside and outside the application environment. Developing applications using a zero-trust design is complex since it requires internal development teams to understand and apply zero-trust principles throughout the development process. This is especially crucial for microservice architectures, where many independent teams develop services. However, enforcing and teaching security principles may lead to a formal process, focusing on documentation and auditing rather than agile development. In this paper, we describe a pragmatic use of a modeling tool that is tied to a knowledge repository and contains means for team communication. The tool supports a systemic way of developing zero-trust architectures, catering to both programming needs and the desire to improve the overall development process. The paper concludes with lessons learned from a bank case study where the tool has been developed and utilised for microservices development.
Place, publisher, year, edition, pages
2024. p. 180-188
Series
CEUR Workshop Proceedings, E-ISSN 1613-0073
Keywords [en]
Zero-trust architecture, Modeling tool, STRIDE analysis, VSM
National Category
Information Systems
Research subject
Computer and Systems Sciences
Identifiers
URN: urn:nbn:se:su:diva-235704OAI: oai:DiVA.org:su-235704DiVA, id: diva2:1914449
Conference
BIR-WS 2024: BIR 2024 Workshops and Doctoral Consortium, 23rd International Conference on Perspectives in Business Informatics Research (BIR 2024), September 11, 2024, Prague, Czech Republic.
Available from: 2024-11-19 Created: 2024-11-19 Last updated: 2024-11-20Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Länk till publikationen

Authority records

Baldwin, DonaldHenkel, MartinPerjons, Erik

Search in DiVA

By author/editor
Baldwin, DonaldHenkel, MartinPerjons, Erik
By organisation
Department of Computer and Systems Sciences
Information Systems

Search outside of DiVA

GoogleGoogle Scholar

urn-nbn

Altmetric score

urn-nbn
Total: 59 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
v. 2.47.0
|
WCAG
|
Stockholm University Library
|
DiVA portal
|
DiVA Contact
|
DiVA Log in