Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Automated Key Rotations In a Continuous Deployment Pipeline
2018 (English)Independent thesis Basic level (degree of Bachelor), 10 credits / 15 HE creditsStudent thesis
Abstract [en]

Background. To the best of our knowledge, there is no related work that brings up key management in Continuous Deployment. Most of the previous research within the area handles challenges and how to apply to continuous methods.

Objectives. By performing this research our goal was to determine how to apply automated key rotation as a way of improving the security in a Continuous Deployment pipeline. We also wanted to compare a manual way of rotating the keys compared to an automated way. When comparing these different scenarios to a scenario where no key rotation was active we hoped to reach a conclusion of whether it is worth implementing automated key rotations in a CDE pipeline or not.

Methods. By configuring different tools like GitLab, GitLab-Runner and Vagrant we created a working test pipeline. Since manual key rotation can be implemented in the CDE pipeline, the goal was to create a script that could automate the same process. In our tests we focused on the keys between GitLab and GitLab-Runner. Our tests consisted of comparing three different scenarios, a pipeline with: no, manual and automated key rotations. The three different scenarios where compared on 7 factors to help us reach a conclusion of whether automated key rotations was worth applying as a way to improve the security in a CDE pipeline.

Results. With the help of tools like cURL and sshpass we managed to automate the key rotation. When we measured the different processes between no, manual and automated key rotations, the result showed us that the automated process has an average time of 1.6 seconds run time and 1.14 seconds average of server downtime. The run time is 70 times faster than the manual key rotation and has 5 times less average server downtime.

Conclusions. We came to the conclusion that it is possible to use key rotation and keep the CDE process fully automated. It makes the process safer but also have the side effect of server downtime.

Place, publisher, year, edition, pages
2018. , p. 27
Keywords [en]
Security, Continuous Deployment, Key rotation, Key management
National Category
Computer Sciences
Identifiers
URN: urn:nbn:se:bth-16696OAI: oai:DiVA.org:bth-16696DiVA, id: diva2:1230071
External cooperation
HiQ Karlskrona
Subject / course
DV1478 Bachelor Thesis in Computer Science
Educational program
DVGIS Security Engineering
Supervisors
Examiners
Available from: 2018-07-03 Created: 2018-07-02 Last updated: 2018-07-03Bibliographically approved

Open Access in DiVA

fulltext(341 kB)89 downloads
File information
File name FULLTEXT02.pdfFile size 341 kBChecksum SHA-512
bdac0c289179ad8257ca8ed2a3241c4d81cbc132aea4718c27669579b4b66bfdec27cc4195baa812e551951ef1477b300dfcd6143c1e032edf06d080a1d673b4
Type fulltextMimetype application/pdf

Search in DiVA

By author/editor
Rylander, JimMoberg, Jacob
Computer Sciences

Search outside of DiVA

GoogleGoogle Scholar
Total: 89 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 82 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf