Cluster Computing

, Volume 22, Supplement 5, pp 10789–10800 | Cite as

Continuous security assessment of cloud based applications using distributed hashing algorithm in SDLC

  • K. VijayakumarEmail author
  • C. Arun


Cloud computing is a very rapidly growing technology with more facilities but also with more issues in terms of vulnerabilities before and after deploying the applications into the cloud. The vulnerabilities are assessed before the applications are deployed into the cloud. However, after deploying the applications, periodical checking of systems for vulnerabilities is not carried out. This paper assesses the applications online for vulnerabilities at regular intervals and if any changes are made in the code, Webhook will trigger the vulnerability checking tool based on Hashing algorithm to check for vulnerabilities in the updated application. The main aim of this system is to constantly scan the applications that are deployed in the cloud and check for vulnerabilities as part of the continuous integration and continuous deployment process. This process of checking for vulnerabilities after every update in the application should be included in the software development lifecycle.


Cloud service provider (CSP) Software development lifecycle (SDLC) Vulnerability GitHub GitLab 


  1. 1.
    Torkura, K.A., Meinel, C.: Towards cloud-aware vulnerability assessments. In: 2015 11th International Conference on Signal-Image Technology & Internet-Based Systems (SITIS), pp. 746–751. IEEE (2015)Google Scholar
  2. 2.
    Mohamed, B., Youness, K.I., Mohamed, M.: Taking account of trust when adopting cloud computing architecture. In: 2nd International Conference on Cloud Computing Technologies and Applications, pp. 101–106. IEEE (2016)Google Scholar
  3. 3.
    Alhamad, M., Dillon, T., Chang, E.: Sla-based trust model for cloud computing. In: International Conference on Network-Based Information Systems (NBiS), pp. 321–324. IEEE (2010)Google Scholar
  4. 4.
    Horvath, A.S., Agrawal, R.: Trust in cloud computing. In: SoutheastCon, pp. 1–8. IEEE (2015)Google Scholar
  5. 5.
    Maheshwari, V., Prasanna, M.: Integrating risk assessment and threat modeling within SDLC process. In: International Conference on Inventive Computation Technologies (ICICT), vol. 1, pp. 1–5. IEEE (2016)Google Scholar
  6. 6.
    Shenoy, S., Kuo, T.-T., Gabriel, R., McAuley, J., Hsu, C.-N.: Deduplication in a massive clinical note dataset, pp. 5–16. University of California, San Diego, La Jolla, CA (2017)Google Scholar
  7. 7.
    Vijayakumar, K., Arun, C.: Analysis and selection of risk assessment frameworks for cloud based enterprise applications. In: Special Issue on Biomed Research India - Artificial Intelligent Techniques for Bio-Medical Signal Processing. pp. 1-8 (2017)Google Scholar
  8. 8.
    Vijayakumar, K., Arun, C.: Automated risk identification using NLP in cloud based development environments. J. Ambient Intell. Humaniz. Comput (2017). doi: 10.1007/s12652-017-0503-7
  9. 9.
    Ali, M.M., Huda, S., Abawajy, J., Alyahya, S., Al-Dossari, H., Yearwood, J.: A parallel framework for software defect detection and metric selection on cloud computing. Cluster Comput. 1–15 (2017)Google Scholar
  10. 10.
    Xu, X., Chen, Y., Calero, J.M.A.: Distributed decentralized collaborative monitoring architecture for cloud infrastructures. Cluster Comput. 20(3), 2451–2463 (2017)CrossRefGoogle Scholar

Copyright information

© Springer Science+Business Media, LLC 2017

Authors and Affiliations

  1. 1.Faculty of Computer Science & Engineering, St. Joseph’s Institute of TechnologySathyabama UniversityChennaiIndia
  2. 2.Department of ECER.M.K College of Engineering and TechnologyChennaiIndia

Personalised recommendations