Segui questo link per vedere altri tipi di pubblicazioni sul tema: CI/CD Security.
Articoli di riviste sul tema "CI/CD Security"
Cita una fonte nei formati APA, MLA, Chicago, Harvard e in molti altri stili
Vedi i top-46 articoli di riviste per l'attività di ricerca sul tema "CI/CD Security".
Accanto a ogni fonte nell'elenco di riferimenti c'è un pulsante "Aggiungi alla bibliografia". Premilo e genereremo automaticamente la citazione bibliografica dell'opera scelta nello stile citazionale di cui hai bisogno: APA, MLA, Harvard, Chicago, Vancouver ecc.
Puoi anche scaricare il testo completo della pubblicazione scientifica nel formato .pdf e leggere online l'abstract (il sommario) dell'opera se è presente nei metadati.
Vedi gli articoli di riviste di molte aree scientifiche e compila una bibliografia corretta.
1
Ho-Dac, Hung, e Van-Len Vo. "An Approach to Enhance CI/CD Pipeline with Open-Source Security Tools". European Modern Studies Journal 8, n. 3 (30 luglio 2024): 408–13. http://dx.doi.org/10.59573/emsj.8(3).2024.30.
Testo completoAbstract (sommario):
Continuous Integration (CI) and Continuous Deployment (CD) are important aspects in software engineering today. In modern software production organizational models, CI/CD pipeline has become a mandatory element to improve speed and reduce team effort in developing, integrating, and deploying. In the context of increasing information security risks, deploying security tools for the CI/CD pipeline has become an inevitable trend. Deploying information security tools throughout the pipeline according to the "Shift Left" philosophy will help detect information security issues early for timely handling and reduce correction costs. In this research, we present an approach to improve the CI/CD pipeline by integrating information security tools introduced by the Open Source Foundation for Application Security Project (OWASP). In addition, we also present trade-offs when implementing information security into the CI/CD pipeline.
2
Singh, Nikhil. "CI/CD Pipeline for Web Applications". International Journal for Research in Applied Science and Engineering Technology 11, n. 5 (31 maggio 2023): 5218–26. http://dx.doi.org/10.22214/ijraset.2023.52867.
Testo completoAbstract (sommario):
Abstract: Modern organisation’s rapid pace of software development necessitates teams delivering high-quality software products faster than ever before. In order to accomplish this, software development teams are incorporating continuous integration and continuous deployment (CI/CD) methodologies into their software development processes. CI/CD pipelines are a set of practises and tools that allow teams to efficiently and reliably automate the development, testing, and deployment of software products. CI/CD pipelines have become an essential tool for teams delivering web applications at a faster pace while ensuring scalability, security, and performance in the context of web applications. This paper provides an overview of the best practises and tools for constructing a successful CI/CD pipeline for web applications. Version control, continuous integration, automated testing, deployment automation, monitoring, and logging are among the key steps covered in the paper. The paper also discusses the advantages and disadvantages of CI/CD pipelines, such as increased productivity, shorter time-to-market, fewer manual errors, and better collaboration between development and operations teams. Several case studies are included in the paperto demonstrate the effectiveness of CI/CD pipelines in web application development. The case studies cover a variety of web applications, such as e-commerce websites, social media platforms, and healthcare apps. Each case study provides practical insights into CI/CD pipeline implementation, including the tools and technologies used, the benefits realised, and the challenges encountered. The case studies also emphasise the importance of culture and collaboration in CI/CD pipeline implementation success. The paper also discusses the key tools and technologies used in web application CI/CD pipelines, such as Git, Jenkins, Docker, Kubernetes, and AWS. The paper provides an overview of these tools as well as their role in various stages of the CI/CD pipeline. The paper also discusses the importance ofsecurity in CI/CD pipelines, as well as an overview of the key security practices that must be implemented
3
Ameta, Upasana, e Ruchi Vyas. "Application Deployment Automation by Streamlining CI/CD Pipelines". Asian Journal of Engineering and Applied Technology 12, n. 1 (24 maggio 2023): 23–27. http://dx.doi.org/10.51983/ajeat-2023.12.1.3598.
Testo completoAbstract (sommario):
Conceptualize a scenario where the development, actions, quality affirmation, and information surveillance teams collaborate with the product owners to guarantee that the organisation achieves its goals for profitability, security, and cost-cutting. Together, they achieve world-class stability, reliability, availability, and security while conducting multiple number of code deployments each day. This enables the quick progress of planned work into creation. The testing of apps and InfoSec operations only take place at the conclusion of a project when it is too late to make any corrections. Development and IT Operations are adversaries in our environment. If any problems are found, and nearly every important task requires excessive amounts of backbreaking labour and handoffs, keeping us waiting all the while. The work quality, particularly the deployment of product, is challenging and disordered as a result, which has an adverse effect on customers and the business. This not only adds to the extraordinarily long lead times for getting anything done. As a result, there is lack of goals, and the whole company is dissatisfied with developers’ performance, which leads to decrement in budget and frustrated workers feel incapable to modify the scenario and its results. The major objective is to build a platform for developers that can compile, test and run the application with the least specifications and configurations and also conceptualize the piece of deployment with a more relaxed architecture and a small learning period so that developers can take full advantage of multiple platforms available as a cloud service without any inconvenience.
4
Bhardwaj, Arvind Kumar, P. K. Dutta e Pradeep Chintale. "Securing Container Images through Automated Vulnerability Detection in Shift-Left CI/CD Pipelines". Babylonian Journal of Networking 2024 (20 agosto 2024): 162–70. http://dx.doi.org/10.58496/bjn/2024/016.
Testo completoAbstract (sommario):
Integrating shift-left security practices and automated vulnerability detection in container images is imperative for modern software development, given the dynamics and vulnerability landscape. This crucial methodology emphasizes security from the initial stages of integration in container-based environments like Docker and Kubernetes. The paper examines containerization security challenges, including image vulnerabilities, insecure configurations, runtime risks, weak orchestration security, and supply chain weaknesses, while stressing compliance with regulatory rules. It explores how this automated approach leverages vulnerability detection methods integrated into Continuous Integration/Continuous Deployment (CI/CD) pipelines through static and dynamic analyses, vulnerability databases, and policy-enforcement mechanisms. Beyond identifying vulnerabilities in CI/CD pipelines, the paper outlines methods to avoid policy violations, mitigate vulnerable images, and prevent recurring practices. Importantly, it underscores the continuous enforcement and remediation of policies and security standards. Security teams must invest efforts in developing policies, automated executions, and remediation procedures, fostering cross-departmental collaboration. In essence, this proactive stance aims to enhance software security, reduce risks, and improve adherence in containerized ecosystems, making it an indispensable component of modern software development.
5
Thatikonda, Vamsi Krishna. "Beyond the Buzz: A Journey Through CI/CD Principles and Best Practices". European Journal of Theoretical and Applied Sciences 1, n. 5 (1 settembre 2023): 334–40. http://dx.doi.org/10.59324/ejtas.2023.1(5).24.
Testo completoAbstract (sommario):
Continuous Integration and Continuous Deployment (CI/CD) are pivotal in modern software development. Shifting from the classic waterfall models, the current age is dominated by Agile methodologies and DevOps practices. This article explores CI and CD's core principles, differences, and similarities. It touches upon essential techniques such as automation, ensuring consistency, and the importance of quick feedback mechanisms. Beyond these, the discussion extends to cutting-edge methods, infrastructure as code, potential security considerations, and monitoring within CI/CD environments. While CI/CD offers numerous benefits, it's essential to acknowledge its challenges, which necessitate attention and action. With an ever-evolving landscape featuring trends like AI/ML integration into CI/CD, businesses find themselves at a juncture where embracing and finetuning CI/CD is vital for competent software delivery.
6
Muñoz, Antonio, Aristeidis Farao, Jordy Ryan Casas Correia e Christos Xenakis. "P2ISE: Preserving Project Integrity in CI/CD Based on Secure Elements". Information 12, n. 9 (31 agosto 2021): 357. http://dx.doi.org/10.3390/info12090357.
Testo completoAbstract (sommario):
During the past decade, software development has evolved from a rigid, linear process to a highly automated and flexible one, thanks to the emergence of continuous integration and delivery environments. Nowadays, more and more development teams rely on such environments to build their complex projects, as the advantages they offer are numerous. On the security side however, most environments seem to focus on the authentication part, neglecting other critical aspects such as the integrity of the source code and the compiled binaries. To ensure the soundness of a software project, its source code must be secured from malicious modifications. Yet, no method can accurately verify that the integrity of the project’s source code has not been breached. This paper presents P2ISE, a novel integrity preserving tool that provides strong security assertions for developers against attackers. At the heart of P2ISE lies the TPM trusted computing technology which is leveraged to ensure integrity preservation. We have implemented the P2ISE and quantitatively assessed its performance and efficiency.
7
Shanmukhi, Bhaskara Sahithi. "Implementing and Using CI/CD: Addressing Key Challenges Faced by Software Developers". INTERANTIONAL JOURNAL OF SCIENTIFIC RESEARCH IN ENGINEERING AND MANAGEMENT 08, n. 008 (22 agosto 2024): 1–3. http://dx.doi.org/10.55041/ijsrem37128.
Testo completoAbstract (sommario):
Software development teams that want to increase the calibre, dependability, and velocity of their software releases must implement continuous integration and delivery (CI/CD) techniques. Developers must now overcome several obstacles as a result of this shift, including the necessity to automate testing and deployment procedures, uphold strict version control, and promote cooperation between the development, testing, and operations teams. This article looks at the main obstacles that developers face when implementing and using CI/CD, and it does so by analysing case studies and current industry research to shed light on real-world obstacles and possible solutions. Keywords Continuous Integration (CI), Continuous Delivery (CD), Automation, Version Control, Security Challenges, Test Automation, Scalability, Integration Complexity, Tool Compatibility, System Design, Resource Management, Skill Gaps, Workflow Vulnerabilities.
8
Phani Monogya Katikireddi, Prudhvi Singirikonda e Yeshwanth Vasa. "REVOLUTIONIZING DEVOPS WITH QUANTUM COMPUTING: ACCELERATING CI/CD PIPELINES THROUGH ADVANCED COMPUTATIONAL TECHNIQUES". Innovative Research Thoughts 7, n. 2 (30 giugno 2021): 97–103. http://dx.doi.org/10.36676/irt.v7.i2.1482.
Testo completoAbstract (sommario):
Inframe to the CI/CD processes in DevOps Quantum computing is one of the most influential innovations since it can gain unique computational power and optimization benefits. This paper is a quantitative study exploring the extent of change that quantum computing brings to CI/CD pipelines using simulation analysis and real-time use case testing. The research shows improvements in computational speed, deployment speed, and resource utilization to support more reliable DevOps. Furthermore, real-life use cases that employ quantum computing to improve CI/CD processes regarding security and speed are also explained. However, as with any new technology, it is not without drawbacks, and this paper also explores the technological, integration, and skill-related concerns that limit quantum computing in today's DevOps landscape and offer tangible solutions.
9
Jayaprakash Malgund, Spoorthi, e Dr Sowmyarani C N. "AUTOMATING DEPLOYMENTS OF THE LATEST APPLICATION VERSION USING CI-CD WORKFLOW". International Journal of Engineering Applied Sciences and Technology 7, n. 5 (1 settembre 2022): 99–103. http://dx.doi.org/10.33564/ijeast.2022.v07i05.017.
Testo completoAbstract (sommario):
The actions a developer should take to deploy a new version of a software product are essentially specified by a CI CD pipeline. The developer would still have to perform the same tasks manually, which is much less efficient if the pipeline is not automated. Thus, the steps listed below are experienced by most software releases. We give an overview of how a secure SDLC process, along with continuous integration and continuous deployment, is used to automate the deployment of a new version of an application. This allows software development teams to concentrate on meeting business requirements while ensuring code quality and software security.
10
Chandrasekhara Mokkapati, Shalu Jain e Pandi Kirupa Gopalakrishna Pandian. "Implementing CI/CD in Retail Enterprises: Leadership Insights for Managing Multi-Billion Dollar Projects". Innovative Research Thoughts 9, n. 1 (30 marzo 2023): 391–405. http://dx.doi.org/10.36676/irt.v9.i1.1458.
Testo completoAbstract (sommario):
In the fast-paced world of retail enterprises, the adoption of Continuous Integration and Continuous Deployment (CI/CD) has become a cornerstone for driving agility, innovation, and competitive advantage. This paper explores the critical leadership insights necessary for successfully managing CI/CD implementations in multi-billion-dollar retail projects. Retail enterprises face unique challenges, including complex legacy systems, diverse technology stacks, and the need for seamless integration across global operations. These complexities require a strategic approach to CI/CD that balances technical excellence with business objectives. Leadership plays a pivotal role in navigating these challenges, ensuring that CI/CD initiatives align with organizational goals while delivering tangible benefits such as reduced time-to-market, enhanced software quality, and improved customer experiences. Effective leadership in CI/CD implementation involves fostering a culture of collaboration, continuous learning, and resilience among cross-functional teams. Leaders must also champion the adoption of DevOps practices, which are essential for breaking down silos and promoting a unified approach to software development and operations. The paper delves into the key leadership competencies required for CI/CD success in large-scale retail environments. These include visionary thinking, change management, risk mitigation, and the ability to inspire and motivate teams amidst complex project dynamics. It also highlights the importance of aligning CI/CD strategies with broader digital transformation initiatives, ensuring that retail enterprises can adapt to evolving market demands while maintaining operational efficiency. Furthermore, the paper examines the role of technology in enabling CI/CD in retail enterprises. It discusses the selection of appropriate tools and platforms, the importance of automation in achieving scalability, and the need for robust monitoring and feedback mechanisms to ensure continuous improvement. Leaders must be adept at making informed decisions regarding technology investments, ensuring that CI/CD pipelines are resilient, secure, and capable of handling the scale and complexity of retail operations. One of the critical aspects of CI/CD implementation in retail enterprises is managing stakeholder expectations. Leaders must engage with stakeholders across various levels, including executives, IT teams, and business units, to build consensus and drive alignment. Clear communication, transparency, and a focus on measurable outcomes are essential for gaining stakeholder buy-in and ensuring the success of CI/CD initiatives. The paper also addresses the challenges and risks associated with CI/CD in multi-billion-dollar retail projects, such as the potential for disruption to existing operations, the complexities of integrating with legacy systems, and the need for robust security and compliance measures. Leadership must be proactive in identifying and mitigating these risks, ensuring that CI/CD initiatives are executed with minimal disruption to the business. Finally, the paper offers practical recommendations for retail leaders looking to implement CI/CD at scale. These include developing a clear roadmap for CI/CD adoption, investing in talent and training, and leveraging data-driven insights to continuously optimize processes. By embracing these strategies, retail enterprises can unlock the full potential of CI/CD, driving innovation, efficiency, and competitive advantage in a rapidly evolving market landscape.
11
Perkasa, Panca Rizki, e Evangs Mailoa. "ADOPSI DEVSECOPS UNTUK MENDUKUNG METODE AGILE MENGGUNAKAN TRIVY SEBAGAI SECURITY SCANNER DOCKER IMAGE DAN DOCKERFILE". Jurnal Indonesia : Manajemen Informatika dan Komunikasi 4, n. 3 (10 settembre 2023): 856–63. http://dx.doi.org/10.35870/jimik.v4i3.291.
Testo completoAbstract (sommario):
Compliance with personal data protection laws requires electronic system operators to pay more attention to security in applications. Security testing which is usually done at the end of the SDLC makes Agile principles incompatible with advantages that prioritize acceleration, adaptability and responsiveness to change. DevSecOps implementation using Trivy will insert a security scanner process for applications that are deployed in containerized form. The continuous process of security scanning integrated in CI/CD will increase the awareness of developers in terms of application security, so that developers will more quickly fix these problems and avoid security problems at the end of the SDLC.
12
Bipin Gajbhiye, Anshika Aggarwal e Shalu Jain. "Automated Security Testing in DevOps Environments Using AI and ML". International Journal for Research Publication and Seminar 15, n. 2 (29 giugno 2024): 259–71. http://dx.doi.org/10.36676/jrps.v15.i2.1472.
Testo completoAbstract (sommario):
The rapid adoption of DevOps practices has transformed the software development landscape by emphasizing continuous integration, continuous delivery (CI/CD), and agile methodologies. However, this rapid pace of development often introduces significant security challenges, as traditional security testing methods struggle to keep up with the accelerated release cycles. To address these challenges, the integration of Artificial Intelligence (AI) and Machine Learning (ML) into automated security testing has emerged as a promising solution. This paper explores the use of AI and ML to enhance automated security testing within DevOps environments, offering a comprehensive approach to identifying, predicting, and mitigating security vulnerabilities in real time. Automated security testing leverages AI and ML algorithms to analyze code, detect anomalies, and predict potential security threats. These technologies enable the continuous monitoring of codebases, allowing for the early identification of vulnerabilities before they are exploited. By incorporating AI-driven security testing into the CI/CD pipeline, organizations can ensure that security is not an afterthought but a continuous process integrated into every stage of the software development lifecycle. AI and ML models can be trained to recognize patterns associated with security risks, such as code injection, unauthorized access, and data leakage. These models continuously learn from new data, improving their accuracy over time and adapting to evolving threats. The dynamic nature of AI-driven security testing makes it particularly suited for DevOps environments, where frequent code changes and updates can introduce new vulnerabilities. Moreover, AI and ML can assist in automating complex tasks, such as threat modeling, risk assessment, and the prioritization of security issues, enabling security teams to focus on higher-order tasks that require human expertise.
13
Shama, Abriza Mahandis, e Dian W. Chandra. "IMPLEMENTASI STATIC APPLICATION SECURITY TESTING MENGGUNAKAN JENKINS CI/CD BERBASIS DOCKER CONTAINER PADA PT. EMPORIA DIGITAL RAYA". JURNAL ILMIAH INFORMATIKA 9, n. 02 (2 settembre 2021): 95–99. http://dx.doi.org/10.33884/jif.v9i02.3769.
Testo completoAbstract (sommario):
PT. Emporia Digital Raya is an fintech company. The product include web and android application. However, in the deployment system, PT Emporia Digital Raya still uses an ancient system with a single vm system and only uses git for deployment to server. Even though at this time the deployment process of an application has grown very far. Therefore, in this study will created a system which is currently popular being used. This system is called DevSecOps. Devsecops will need a tools like Jenkins, Sonarqube, and Docker. The core of this system is the automation process where the deployment process is no longer done manually as before. With this system, it is hoped that will help speed up developer work and improve code quality.
14
Harrison Oke Ekpobimi, Regina Coelis Kandekere e Adebamigbe Alex Fasanmade. "Front-end development and cybersecurity: A conceptual approach to building secure web applications". Computer Science & IT Research Journal 5, n. 9 (6 settembre 2024): 2154–68. http://dx.doi.org/10.51594/csitrj.v5i9.1556.
Testo completoAbstract (sommario):
The growing importance of cybersecurity in the digital age necessitates a comprehensive approach to securing web applications, particularly through robust front-end development practices. This review paper proposes a conceptual framework for integrating security best practices into front-end development to mitigate common vulnerabilities such as Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF). The framework emphasizes key components: threat modeling, secure coding practices, security automation, integration into Continuous Integration/Continuous Deployment (CI/CD) pipelines, and continuous monitoring. By embedding security into every stage of the development process, the framework enhances the security of web applications. It aligns with U.S. national interests in bolstering cybersecurity. The paper also discusses the implications of secure front-end development for national cybersecurity, highlighting the framework's potential to reduce the attack surface of critical web applications significantly. Recommendations are provided for policymakers and industry leaders to promote adopting secure front-end practices, ensuring a resilient digital infrastructure. Keywords: Secure Front-End Development, Cybersecurity, Web Application Security, Threat Modeling, Security Automation, National Cybersecurity.
15
Albaihaqi, Muhammad Fauzan, Anisa Nurul Wilda e Bambang Sugiantoro. "Deploying an Application to Cloud Platform Using Continous Integration and Continous Delivery". Proceeding International Conference on Science and Engineering 3 (30 aprile 2020): 279–82. http://dx.doi.org/10.14421/icse.v3.513.
Testo completoAbstract (sommario):
Cloud Computing is the best way for bussiness owner deploy an application to reduce cost issue because it is implement pay as you go concept. Generally, an application on production level or deployed into cloud instance should not have any error or bug. It should be tested and maintain properly. The problem when an application have intensive development that takes more effort to test the application and deploy. So, need a strategy to deploy an application into cloud instance to make the proccess more efficient. Nowadays, Version Control System (VCS) platform provide Continous Integration and Continous Delivery (CI/CD) feature. Users can utilize that platform to perform automated test and deployment easily. This reasearch purposed to examine how to use CI/CD feature and evaluate it in case of deploying web application to Cloud Platform. Researcher use Gitlab wich is provide CI/CD feature for free and deploy the app to Amazon Web Service. The researcher also utilize docker container to accommodate all processes. The result are Continous Integration can improove application quality because most lines of codes are tested using unit or feature test scenario. Using CI/CD feature improove security issue of deployment. Deployment proccess run automatically without human intervention so it will reduce human error factors. This feature also ensure high availability of an application. Deployment proccess will take zero downtime. The application can quickly update without any downtime and configuration. Last, docker container take an important role for deployment of application into cloud instance.
16
Raj, Pritish. "Continuous Integration for New Service Deployment and Service Validation Script for Vault". INTERANTIONAL JOURNAL OF SCIENTIFIC RESEARCH IN ENGINEERING AND MANAGEMENT 08, n. 06 (12 giugno 2024): 1–5. http://dx.doi.org/10.55041/ijsrem35565.
Testo completoAbstract (sommario):
Modern cloud-native applications demand robust security measures to safeguard sensitive data such as passwords, API keys, and encryption keys. Managing these secrets securely within Kubernetes clusters presents a significant challenge. In response, this project proposes a comprehensive solution leverag- ing HashiCorp Vault, Kubernetes, and Docker to enhance secret management and strengthen overall security posture.HashiCorp Vault serves as a centralized secrets management tool, provid- ing encryption, access control, and auditing functionalities. By integrating Vault with Kubernetes, secrets can be dynamically generated, securely stored, and automatically injected into ap- plication pods at runtime. This approach reduces the exposure of sensitive information within containerized environments and mitigates the risk of unauthorized access. The project architecture involves deploying Vault within the Kubernetes cluster, utilizing Docker containers for seamless encapsulation and portability. Kubernetes’ native integrations with Vault, such as the Kubernetes Auth method and the Vault Agent Injector, streamline the authentication and authorization processes, ensuring secure communication between applications and Vault. The project involves deploying Vault in Kubernetes for secrets management, ensuring High Availability. It focuses on generating, storing, and managing secrets securely, leveraging Vault’s dynamic secrets engine for automatic rotation. Integration with Kubernetes employs authentication methods like Service Accounts and RBAC for granular access control. Dockerization ensures application consistency and portability, with Vault Agent containers enabling seamless secret injection. Security best practices, including least privilege access and encryption, are prioritized, along with regular auditing and monitoring. Overall, the project aims to establish a robust secrets management solution within Kubernetes while empha- sizing resilience, security, and compliance in handling sensitive information. Index Terms—Docker, DevOps, CI/CD, Automation, Secrets, Kubernetes, Vault, Security
17
Amarjeet Singh, Et al. "Microservices Container Security Orchestration Framework within Kubernetes and Docker for Business-Critical Applications within Digital Transformation". International Journal on Recent and Innovation Trends in Computing and Communication 11, n. 3 (31 marzo 2023): 332–36. http://dx.doi.org/10.17762/ijritcc.v11i3.9863.
Testo completoAbstract (sommario):
Container virtualization technology facilitates the creation of microservices-based systems through continuous integration. Container-based apps can be deployed more easily when they use orchestration systems like Kubernetes, which has become the de facto standard. It can be difficult to create effective and precise orchestration systems, nevertheless. The scheduler, a crucial orchestrator task that allocates physical resources to containers, is the subject of this article. Scheduling strategies are developed using several Quality-of-Service metrics. The CI in CI/CD stands for continuous integration. Continuous integration drives the automation in the development and delivery of the code and developers frequently apply code changes. It’s an automated process that allows multiple developers to contribute software components to the same project without integration conflicts. CI also triggers the process of testing the applications automatically upon code commit into the repository. Container virtualization technology facilitates the creation of microservices-based systems through continuous integration. Container-based apps can be deployed more easily when they use orchestration systems like Kubernetes, which has become the de facto standard. It can be difficult to create effective and precise orchestration systems, nevertheless. The scheduler, a crucial orchestrator task that allocates physical resources to containers, is the subject of this article. Scheduling strategies are developed using several Quality of Service metrics.
18
Lonkar, Madhav Sandeep. "HUMAN RESOURCE MANAGEMENT SYSTEM(HRMS)". INTERANTIONAL JOURNAL OF SCIENTIFIC RESEARCH IN ENGINEERING AND MANAGEMENT 08, n. 04 (10 aprile 2024): 1–5. http://dx.doi.org/10.55041/ijsrem30538.
Testo completoAbstract (sommario):
In today's fast-paced business environment, the effective management of human resources stands as a cornerstone for organizational excellence and competitiveness. This project is dedicated to introducing a state-of-the-art Human Resource Management System (HRMS) designed to modernize conventional HR practices and streamline operations through technological innovation. The primary goal of this endeavor is to amalgamate and revamp diverse HR functions, encompassing employee records management, payroll processing, leave administration, and recruitment. Through the utilization of automation and digitalization, the project endeavors to alleviate administrative burdens, mitigate errors, and elevate overall HR efficacy. Key Words: MySQL ,Thymeleaf, Spring Boot, CI/CD , Data Security
19
Bysani, Varshitha. "Automation in Cloud Infrastructure Management: Enhancing Efficiency and Reliability". INTERANTIONAL JOURNAL OF SCIENTIFIC RESEARCH IN ENGINEERING AND MANAGEMENT 08, n. 06 (11 giugno 2024): 1–5. http://dx.doi.org/10.55041/ijsrem35750.
Testo completoAbstract (sommario):
This paper explores the role of automation in cloud infrastructure management, focusing on its impact on efficiency and reliability. Key use cases, including Infrastructure as Code (IaC) with Terraform, Continuous Integration/ Continuous De- ployment (CI/CD), and real-time monitoring with the ELK stack are examined. The paper discusses how automation reduces manual effort, promotes consistency, and enhances scalability in cloud environments. It highlights the benefits of automated alerting and its role in improving security and system stability. By embracing automation, organizations can streamline cloud infrastructure management, ensuring a robust and adaptable framework that supports business continuity and agility. Index Terms—Cloud Infrastructure Management, Automation, Infrastructure as Code (IaC), Terraform, ELK Stack (Elastic- search, Logstash, Kibana), Automated Alerting
20
Singh, Amarjeet. "Microservices Security Vulnerability Remediation approach using Veracode and Checkmarx". Journal of Artificial Intelligence General science (JAIGS) ISSN:3006-4023 4, n. 1 (5 maggio 2024): 145–51. http://dx.doi.org/10.60087/jaigs.v4i1.128.
Testo completoAbstract (sommario):
Abstract — As organizations increasingly adopt microservices architectures for building scalable and resilient applications, ensuring the security of these distributed systems becomes paramount. In this empirical study, we conduct a comprehensive comparative analysis to assess the efficacy of three leading security scanning tools, namely Veracode, Snyk, and Checkmarx, in identifying and remedying security vulnerabilities within microservices applications deployed on the AWS and Azure cloud platforms. The study aims to provide nuanced insights into the performance, usability, and integration capabilities of these tools, offering valuable guidance to organizations striving to fortify their microservices-based infrastructures. By meticulously evaluating scanning capabilities, vulnerability detection accuracy, remediation guidance comprehensiveness, CI/CD pipeline integration proficiency, and overall ease of use, our research sheds light on the relative strengths and weaknesses of each tool in the context of modern cloud-native application security. Through meticulously designed experiments utilizing realistic microservices application scenarios encompassing diverse vulnerability types, including injection attacks, authentication bypasses, and insecure configurations, we present a thorough examination of the tools' capabilities and limitations. The findings from our study contribute to the evolving discourse on microservices security, emphasizing the critical importance of selecting appropriate security scanning solutions tailored to the unique requirements and constraints of cloud-based microservices architectures. By leveraging the insights gleaned from our comparative analysis, organizations can make well-informed decisions regarding tool selection and deployment strategies, thereby bolstering the resilience of their microservices ecosystems against an ever-expanding threat landscape.
21
Krauss, Philip, Vasundra Touré, Kristin Gnodtke, Katrin Crameri e Sabine Österle. "DCC Terminology Service—An Automated CI/CD Pipeline for Converting Clinical and Biomedical Terminologies in Graph Format for the Swiss Personalized Health Network". Applied Sciences 11, n. 23 (29 novembre 2021): 11311. http://dx.doi.org/10.3390/app112311311.
Testo completoAbstract (sommario):
One goal of the Swiss Personalized Health Network (SPHN) is to provide an infrastructure for FAIR (Findable, Accessible, Interoperable and Reusable) health-related data for research purposes. Semantic web technology and biomedical terminologies are key to achieving semantic interoperability. To enable the integrative use of different terminologies, a terminology service is a important component of the SPHN Infrastructure for FAIR data. It provides both the current and historical versions of the terminologies in an SPHN-compliant graph format. To minimize the usually high maintenance effort of a terminology service, we developed an automated CI/CD pipeline for converting clinical and biomedical terminologies in an SPHN-compatible way. Hospitals, research infrastructure providers, as well as any other data providers, can download a terminology bundle (currently composed of SNOMED CT, LOINC, UCUM, ATC, ICD-10-GM, and CHOP) and deploy it in their local terminology service. The distributed service architecture allows each party to fulfill their local IT and security requirements, while still having an up-to-date interoperable stack of SPHN-compliant terminologies. In the future, more terminologies and mappings will be added to the terminology service according to the needs of the SPHN community.
22
Teisserenc, Benjamin, e Samad M. E. Sepasgozar. "Software Architecture and Non-Fungible Tokens for Digital Twin Applications in the Built Environment". Buildings 12, n. 9 (14 settembre 2022): 1447. http://dx.doi.org/10.3390/buildings12091447.
Testo completoAbstract (sommario):
Blockchain technology (BCT) can enable distributed collaboration, enhance data sharing, and automate back-end processes for digital twin (DT) decentralized applications (dApps) in the construction industry (CI) 4.0. The aim of this paper was to propose a software architecture and to develop a framework of smart contracts for blockchain-based digital twin (BCDT) dApps throughout the lifecycle of projects in CI 4.0. This paper leveraged the existing literature and action research interviews to identify and validate the critical industry problems, functional requirements (FRs), and non-functional requirements (NFRs) to be addressed by BCDT dApps in CI 4.0. Basic use cases were developed to design a framework of smart contracts for BCDT dApps throughout the lifecycle of projects. The analysis of an online survey was used to identify the key requirements and enablers to propose a software architecture for BCDT applications and to validate the requirements for developing the framework of a smart contract for BCDTs. The findings were: (1) The identification of key problems in CI 4.0 for each BIM/BCDT dimension (3D, 4D, 5D, 6D, 7D, 8D, and contractual (cD)) and the related FRs and NFRs for BCDT applications. Additionally, key use cases were designed to address the problems identified. (2) The proposed BCDT architecture permitted us to narrow gaps in the literature on blockchain-based decentralized digital twins. Moreover, the proposed BCDT architecture and smart-contract framework addressed the main requirements in the literature on BCDTs. (3) The study leveraged the non-fungible token (NFT) standard to develop a framework for smart contracts that addressed the key use cases and the related industry problems and functional requirements that were identified. The study also considered the contractual dimension (cD) as an overarching dimension in relation to the other BCDT dimensions. (4) We also compared the costs of several public blockchains for executing the proposed smart-contract framework throughout the lifecycle of a medium-sized building project. The cost analysis permitted the development of criteria to evaluate the suitability of blockchain networks for BCDT applications in CI 4.0 depending on the principal blockchain networks’ properties (security, decentralization, scalability, and interoperability). Finally, this study resulted in a novel framework that included software architecture, smart-contract use cases, and selection criteria among blockchain networks for BCDT dApps in CI 4.0.
23
Редкин, П. А., e А. С. Алёшкин. "Программный комплекс распределенного тестирования веб-приложений". International Journal of Open Information Technologies 12, n. 4 (1 aprile 2024): 125–32. http://dx.doi.org/10.25559/injoit.2307-8162.12.202404.125-132.
Testo completoAbstract (sommario):
Статья посвящена тестированию веб-приложений, которое играет ключевую роль в создании качественных, надежных и безопасных продуктов. Для современной адаптации к интернет-технологиям требуется внедрение современных методик тестирования, а также глубоких знаний и постоянного самосовершенствования процессов создания решений. В статье рассмотрены основные этапы такого совершенствования: внедрение автоматизации тестирования, использование передовых инструментов и обеспечение общего высокого уровня безопасности. Ключевыми аспектами тестирования рассматриваются: нагрузочное тестирование, тестирование безопасности и юзабилити-тестирование, а также подходы к выполнению и анализу результатов выполнения тестов. Статья подчеркивает важность комплексного подхода к обеспечению качества веб-приложений и исследует роль автоматизации в упрощении и оптимизации процессов тестирования. В статье описываются различные инструменты, используемые для тестирования, включая Apache JMeter, LoadRunner, Gatling для нагрузочного тестирования, а также OWASP ZAP и Burp Suite для тестирования на безопасность. Авторы также обсуждают методы оценки юзабилити и представляют современные инструменты для юзабилити-тестирования, такие как UserTesting, Optimal Workshop и Lookback.io. Рассмотрена интеграция тестирования в цикл "непрерывной интеграции и доставки" (CI/CD), что позволяет сократить время разработки, и, при этом гарантировать высокое качество продукта на всех этапах его создания. Результатом проведенного технологического обзора становится система распределенного тестирования, которая представляет собой эффективный подход к реализации задач тестирования, позволяя командам разработки быстро идентифицировать и устранять даже потенциальные проблемы. This article focuses on web application testing, which plays a key role in creating high-quality, dependable, and secure products. Modern adaptation to Internet technologies requires the introduction of modern testing methods, as well as in-depth knowledge and constant self-improvement of the processes of creating solutions. The article discusses the main stages of such improvement: the introduction of test automation, the use of advanced tools, and the provision of an overall high level of security. The key aspects of testing are load testing, security testing, and usability testing, as well as approaches to executing and analyzing test results. The article emphasizes the importance of an end-to-end approach to quality assurance for web applications and explores the role of automation in simplifying and streamlining testing processes. The article describes the various tools used for testing, including Apache JMeter, LoadRunner, Gatling for load testing, and OWASP ZAP and Burp Suite for security testing. The authors also discuss usability assessment methods and introduce modern usability testing tools such as UserTesting, Optimal Workshop, and Lookback.io. The integration of testing into the "continuous integration and delivery" (CI/CD) cycle is allows you to reduce the development time, and, at the same time, guarantee the high quality of the product at all stages of its creation. The result of the technology review is a distributed testing system, which is an effective approach to implementing test tasks, allowing development teams to quickly identify and fix even potential problems.
24
Teisserenc, Benjamin, e Samad Sepasgozar. "Project Data Categorization, Adoption Factors, and Non-Functional Requirements for Blockchain Based Digital Twins in the Construction Industry 4.0". Buildings 11, n. 12 (8 dicembre 2021): 626. http://dx.doi.org/10.3390/buildings11120626.
Testo completoAbstract (sommario):
As key technologies of the fourth industrial revolution, blockchain and digital twins have great potential to enhance collaboration, data sharing, efficiency, and sustainability in the construction industry. Blockchain can improve data integrity and enhance trust in the data value chain throughout the entire lifecycle of projects. This paper aims to develop a novel theoretical framework for the adoption of environmentally sustainable blockchain-based digital twins (BCDT) for Construction Industry (CI) 4.0. The paper identifies which key data from construction projects lifecycle should be anchored in BCDTs to benefit CI 4.0 and the environment. The paper also identifies key factors and non-functional requirements necessary for the adoption of BCDTs in a decentralized and sustainable CI 4.0. At first, a content analysis of the literature allowed the identification of which data from projects lifecycle would benefit from blockchain technology (BCT) adoption and what the key factors and non-functional requirements necessary for the adoption of BCDT in the CI4.0 are. Furthermore, the analysis of structured interviews and online survey permitted to firstly validate the hypotheses raised from the literature and to offer a novel framework for BCDT of CI 4.0 in the context of the circular economy (CE). The findings are that (1) the key project lifecycle data relevant for BCDTs relate to the BIM dimensions (3D, 4D, 5D, 6D, 7D, and 8D) and a new dimension called the contractual dimension (cD) is also proposed. (2) Ecosystems of BCDTs should embrace a novel form of collaboration that is decentralized and presented as Level 4 maturity for BCDTs. This new level of maturity leverages distributed blockchain networks to enhance collaboration, processes automation with smart contracts, and data sharing within a decentralized data value chain. Finally (3), the main non-functional requirements for BCDTs are security, privacy, interoperability, data ownership, data integrity, and the decentralization and scalability of data storage. With the proposed framework including the BCDT dimensions, the Maturity Level 4, and the key non-functional requirements, this paper provides the building blocks for industry practitioners to adopt BCDTs. This is promising for CI 4.0 to embrace a paradigm shift towards decentralized ecosystems of united BCDTs where trust, collaboration, data sharing, information security, efficiency, and sustainability are improved throughout the lifecycle of projects and within a decentralized CE (DCE).
25
Li, Jianzhong, Qiang Wan, Wenjuan Ma, Xiaoting Fang, Chuyi Yin e Jun Cui. "Analysis DevOps efficiency and digital transformation of digital economy, cross-border e-commerce, and brand building:". Transactions on Computer Science and Intelligent Systems Research 4 (20 giugno 2024): 38–47. http://dx.doi.org/10.62051/gc7xf329.
Testo completoAbstract (sommario):
As IT-based DevOps Abilities and Automation testing theory, this study examines factors that encourage and discourage DevOps abilities and automation technology have become a major trend in the development of internet or IT enterprises, The main aim of this paper is to investigate how the use of DevOps has affected the quality of software. Another main aim is to explore and identify ways to continuously increase software quality. One way of finding information on this study is to conduct a literature review. This article uses the ICTAM and TAM theoretical model for analysis. A literature review was developed to gather quantitative data while DevOps Abilities and Quality Assurance experts' interviews were used to determine how DevOps and automation testing can enhance software quality and improve software development efficiency. Interview reviews, Sampling questionaries, hypothesis testing, and regression tests are recommendations. Five semi-structured interviews were conducted with experts and analyzed through the lens of the Interactive Communication Technology Adoption Model (ICTAM) as a guiding framework. Moreover, through a series of data investigation and analysis, DevOps Abilities and Automation testing can help many companies quickly and accurately improve software development efficiency and quality. The results demonstrated that China internet company's DevOps and automation technology helps enterprise’s continuous integration and continuous delivery, automation testing and monitor etc. DevOps and CI/CD is one of the best practices for devops teams to implement. The findings is also an agile methodology best practice, as it enables software development teams to focus on meeting business requirements, code quality, and security because deployment steps are automated. Based on DevOps Abilities, Automation testing, CI, CD concepts, many companies can continuously improve their software R&D efficiency and software quality. The research of this paper mainly uses the mixed method of qualitative analysis and quantitative analysis to conduct research and analysis, and uses excel or SPSS 23 software to perform ANOVA analysis on the sample data, Finally, this study contributions concludes the importance of DevOps and Automation testing to China Software company.
26
Pindoriya, Anurag, e Janki Velani. "Advancements in GitHub Automation and Workflow: A Comprehensive Exploration". International Journal of Innovative Science and Modern Engineering 12, n. 2 (28 febbraio 2024): 10–13. http://dx.doi.org/10.35940/ijisme.b1311.12020224.
Testo completoAbstract (sommario):
The landscape of software development has been significantly transformed by the integration of automation and streamlined workflows, with GitHub emerging as a pivotal platform in this evolution. This research paper delves into the multifaceted realm of GitHub automation and workflow, investigating key aspects that contribute to enhanced efficiency, collaboration, and code quality in modern development practices. The paper begins by exploring the utilization of GitHub Actions for establishing robust Continuous Integration and Continuous Deployment (CI/CD) pipelines. Best practices for designing reliable workflows are discussed, along with insights into customizing workflows to suit diverse project requirements through the use of custom actions and templates. The automation of code reviews is scrutinized, with a focus on tools and practices that facilitate objective and efficient evaluation of code quality. The paper also investigates GitHub's role in security automation, covering strategies for vulnerability detection and integration of security checks into the development lifecycle. Collaborative workflows on GitHub, including branch management, pull requests, and code reviews, are explored as pivotal components fostering teamwork. The integration of GitHub into DevOps practices is analyzed, showcasing its synergy with popular DevOps tools and platforms. As a forward-looking endeavor, the research paper concludes by examining emerging trends and technologies in GitHub automation. By encapsulating a comprehensive overview of the current state and future trajectories of GitHub automation and workflow, this paper aims to contribute to the collective understanding of best practices, challenges, and opportunities in contemporary software development.
27
Roy, Gareth, Emanuele Simili, Samuel Cadellin Skipsey, Gordon Stewart e David Britton. "Using the Autopilot pattern to deploy container resources at a WLCG Tier-2". EPJ Web of Conferences 214 (2019): 07013. http://dx.doi.org/10.1051/epjconf/201921407013.
Testo completoAbstract (sommario):
Containers are becoming ubiquitous within the WLCG, with CMS announcing a requirement for its sites to provide Singularity during 2018. The ubiquity of containers means it is now possible to reify the combination of an application and its configuration into a single easy-to-deploy unit, avoiding the need to make use of a myriad of configuration management tools such as Puppet, Ansible or Salt. This allows use to be made of industry-standard devops techniques within the operations domain, such as Continuous Integration (CI) and Continuous Deployment (CD), which can lead to faster upgrades and greater system security. One interesting technique is the Autopilot pattern, which provides mechanisms for application life-cycle management which are accessible from within the container itself. Using modern service discovery techniques, each container manages its own configuration, monitors its own health, and adapts to changing requirements through the use of event triggers. In this paper, we expand on previous work to create and deploy resources to a WLCG Tier-2 via containers, and investigate the viability of using the Autopilot pattern at a WLCG site to deploy and manage computational resources.
28
Emmanni, Phani Sekhar. "Architectural Patterns and Best Practices for Scalable Enterprise Applications with Angular". Journal of Mathematical & Computer Applications 3, n. 1 (28 febbraio 2024): 1–4. http://dx.doi.org/10.47363/jmca/2024(3)141.
Testo completoAbstract (sommario):
Angular has emerged as a leading framework for building scalable and maintainable enterprise applications. This article delves into the architectural patterns and best practices that harness Angular's robust ecosystem for developing enterprise-level applications that are not only scalable but also efficient and reliable. Through a detailed examination of module-based architectures, microfrontend architectures, and the monorepo approach, we uncover strategies that facilitate the development of large-scale applications, addressing common scalability challenges. Additionally, the article discusses key practices in lazy loading, state management, and component design, aimed at optimizing performance and enhancing the user experience. Security, an imperative aspect of enterprise applications, is addressed by outlining Angular-specific best practices for safeguarding applications against prevalent threats. Automated testing strategies and the role of continuous integration and deployment (CI/CD) in maintaining high-quality codebases are also explored. Drawing on real-world case studies, this article highlights the practical applications and successes of these architectural patterns and best practices, offering insights into overcoming typical challenges faced by developers. By providing a comprehensive guide to scalable application development with Angular, this article aims to equip software architects and developers with the knowledge to leverage Angular effectively in the enterprise domain, fostering innovation and efficiency in web application development.
29
Osinachi Deborah Segun-Falade, Olajide Soji Osundare, Wagobera Edgar Kedi, Patrick Azuka Okeleke, Tochukwu Ignatius Ijomah e Oluwatosin Yetunde Abdul-Azeez. "Assessing the transformative impact of cloud computing on software deployment and management". Computer Science & IT Research Journal 5, n. 8 (31 agosto 2024): 2062–82. http://dx.doi.org/10.51594/csitrj.v5i8.1492.
Testo completoAbstract (sommario):
Cloud computing has fundamentally transformed the landscape of software deployment and management, offering significant benefits and reshaping traditional approaches. This review explores the transformative impact of cloud computing on these domains, highlighting key changes and advantages. Firstly, cloud computing has revolutionized software deployment by introducing scalable and flexible infrastructure solutions. Unlike traditional onpremises systems that require significant upfront investment and ongoing maintenance, cloud platforms offer ondemand resources and payasyougo models. This shift enables organizations to deploy software rapidly, adapt to changing needs, and scale resources efficiently without the constraints of physical hardware. Additionally, cloud computing enhances software management through centralized control and automation. Cloud environments provide integrated management tools that streamline the deployment, monitoring, and maintenance of applications. These tools facilitate automated updates, patch management, and system backups, reducing the burden on IT teams and minimizing downtime. Furthermore, cloudbased management systems offer realtime visibility and analytics, allowing for proactive performance monitoring and troubleshooting. The collaborative nature of cloud computing also fosters improved development and deployment practices. Cloud platforms support DevOps methodologies by enabling continuous integration and continuous delivery (CI/CD) pipelines. This integration accelerates software development cycles, enhances collaboration among distributed teams, and ensures consistent and reliable deployments. Moreover, the cloud's global reach and accessibility break down geographical barriers, allowing organizations to deploy software across multiple regions effortlessly. This geographic flexibility enhances the user experience and ensures high availability and performance, regardless of the user's location. Despite these advancements, the transition to cloud computing presents challenges, including data security and compliance concerns. Organizations must implement robust security measures and adhere to regulatory requirements to protect sensitive information and maintain trust. In conclusion, cloud computing has had a profound impact on software deployment and management, offering scalable, flexible, and efficient solutions. Its transformative effects include streamlined operations, improved collaboration, and global accessibility. As cloud technology continues to evolve, organizations must navigate associated challenges while leveraging its benefits to drive innovation and efficiency in software management. Keywords: Management, Impact, Cloud Computing, Software Deployment, Assessing
30
Rottler, Benjamin, Michael Böhler, Günter Duckeck, Alexander Lory, Christoph Anton Mitterer e Jaroslava Schovancova. "Bringing the ATLAS HammerCloud setup to the next level with containerization". EPJ Web of Conferences 295 (2024): 04011. http://dx.doi.org/10.1051/epjconf/202429504011.
Testo completoAbstract (sommario):
HammerCloud (HC) is a testing service and framework for continuous functional tests, on-demand large-scale stress tests, and performance benchmarks. It checks the computing resources and various components of distributed systems with realistic full-chain experiment workflows. The HammerCloud software was initially developed in Python 2. After support for Python 2 was discontinued in 2020, migration to Python 3 became vital in order to fulfill the latest security standards and to use the new CERN Single Sign-On, which requires Python 3. The current deployment setup based on RPMs allowed a stable deployment and secure maintenance over several years of operations for the ATLAS and CMS experiments. However, the current model is not flexible enough to support an agile and rapid development process. Therefore, we have decided to use a containerization solution, and switched to industry-standard technologies and processes. Having an “easy to spawn” instance of HC enables a more agile development cycle and easier deployment. With the help of such a containerized setup, CI/CD pipelines can be integrated into the automation process as an extra layer of verification. A quick onboarding process for new team members and communities is essential, as there is a lot of personnel rotation and a general lack of personpower. This is achieved with the container-based setup, as developers can now work locally with a quick turnaround without needing to set up a production-like environment first. These developments empower the whole community to test and prototype new ideas and deliver new types of resources or workflows to our community.
31
Agrawal, Raj, e Nakul Pandey. "Strategies for Developing and Deploying Enterprise-Level Mobile Applications on a Large Scale: A Comprehensive Analysis". International Journal of Enhanced Research in Management & Computer Applications 09, n. 11 (2020): 23–31. http://dx.doi.org/10.55948/ijermca.2020.1104.
Testo completoAbstract (sommario):
The object of the exploration in this study is the approach and methods within the building of large-scale enterprise mobile applications. The primary aim is to design a pragmatic model that will be helpful for any organization engaging the services of applications to improve its operational excellence. This capture of scholarly insight, however, goes beyond the detailed description of the particular needs and intricate challenges, such as stringent security, additional scalability, prevalent device fragmentation, and the requirement of producing consistent interaction with the current enterprise environment. The development discourse is expanded further to layer upon the manifold methodologies and technological frameworks that coordinate the large-scale development of mobile applications, in particular the agile development paradigm, the DevOps principles, and the utilization of versatile cross-platform development strategy. This process involves strategies to promote advanced cloud infrastructures and the newer containerization technologies to scale up the deployment and management with great accuracy of the mobile applications, in addition to the development of methods to maximize the performance of such applications working on several devices and operating systems. These will cover the major aspects of creating a resilient app building pipeline such as solutions towards project management processes, introducing tools that will facilitate collaboration, implementing automated testing frameworks and applying CI/CD (continuous integration and continuous deployment) methodologies. Furthermore, these questions are related to the new methods in App development, for example, serverless computing, microservices architectures and AI usage for making the decision making process better along with predictive analytics in the App lifecycle. By way of this academic investigation, we propose to provide all relevant players, namely developers, marketers, as well as venture capitalists with a deep knowledge and a set of practical solutions for building enterprise mobile applications at scale.
32
Daniel Ajiga, Patrick Azuka Okeleke, Samuel Olaoluwa Folorunsho e Chinedu Ezeigweneme. "Enhancing software development practices with AI insights in high-tech companies". Computer Science & IT Research Journal 5, n. 8 (23 agosto 2024): 1897–919. http://dx.doi.org/10.51594/csitrj.v5i8.1450.
Testo completoAbstract (sommario):
Artificial Intelligence (AI) is revolutionizing software development practices in high-tech companies, providing transformative insights and tools that enhance productivity, quality, and efficiency. This review explores the integration of AI into software development processes, highlighting its impact on key areas such as code generation, bug detection, project management, and testing. AI-driven tools are enabling developers to automate repetitive tasks, optimize code, and identify potential issues before they become critical, thus reducing development time and improving software reliability. Machine learning algorithms analyze vast amounts of data from past projects to provide predictive analytics, guiding teams in decision-making and resource allocation. Natural language processing (NLP) facilitates more intuitive interactions with development tools, streamlining communication and collaboration among team members. Furthermore, AI enhances continuous integration and continuous deployment (CI/CD) pipelines by automating the testing and deployment stages, ensuring that code changes are seamlessly integrated and deployed with minimal human intervention. By leveraging AI, high-tech companies can adopt more agile methodologies, respond swiftly to market changes, and deliver high-quality software products. The review also discusses the challenges of integrating AI into software development, including the need for substantial initial investment, the complexity of AI models, and the importance of ensuring data privacy and security. Solutions such as fostering a culture of continuous learning, investing in AI-specific training for developers, and establishing robust data governance frameworks are essential for overcoming these barriers. In conclusion, AI-driven insights and tools offer significant advantages for high-tech companies, enabling them to enhance their software development practices, achieve greater efficiency, and maintain a competitive edge in a rapidly evolving technological landscape. Embracing these advancements requires a strategic approach, including investment in AI technologies and training, to fully harness the potential of AI and drive innovation in software development. Keywords: AI, Software Development, High-Tech, Practices, Companies.
33
Kiriakidi, S. K., e O. V. Kryvenko. "Study of web application development methodology for a medical clinic using React". Reporter of the Priazovskyi State Technical University. Section: Technical sciences, n. 48 (27 giugno 2024): 19–25. http://dx.doi.org/10.31498/2225-6733.48.2024.310670.
Testo completoAbstract (sommario):
The article explores in detail the methodologies for developing web applications for medical clinics using the popular React library. The main goal of this study is the analysis of modern approaches to the creation of web applications that meet the specific requirements of medical institutions. Particular attention is paid to the functional and non-functional characteristics that are critical to such systems, including data security, user experience, integration with existing systems, and compliance with regulatory standards. First of all, a comprehensive analysis of the requirements of medical clinics for web applications was carried out. Data security is one of the most important aspects as healthcare institutions work with sensitive information. The study examines methods for ensuring the confidentiality and integrity of medical data, including compliance with HIPAA and GDPR standards. React makes it easy to integrate modern security tools such as JWT (JSON Web Tokens) for authentication and authorization, and use secure HTTP connections for data transfer. In addition, special attention is paid to the user experience (UX/UI), which should ensure the convenience and efficiency of using the web application by both medical personnel and patients. React allows you to create dynamic and interactive interfaces that can adapt to different devices and screens, thus providing a high-quality user experience. This is especially important for medical applications, where the accuracy and speed of interaction can affect the quality of healthcare delivery. A detailed description of best practices and approaches to web application development using React is provided. A component architecture is considered, which provides modularity and code reuse, which is a key factor in creating scalable and easily maintainable applications. Different methods of state management in the application, such as the use of Context API and Redux, have been explored, which allows for efficient data management and stable operation of the application. Guidelines for configuring routing using the React Router library are described, allowing you to create dynamic and multi-page applications while providing smooth navigation and a good user experience. In addition, ways to ensure application security are considered, including protection against XSS attacks, CSRF and other types of vulnerabilities, which is critical in medical applications. The article provides specific recommendations for implementing a web application for a medical clinic. They include practical code examples that demonstrate the implementation of key functionalities such as user registration and authentication, medical record processing, and database interaction. The process of setting up the infrastructure for development, testing and deployment of the application is described, including the use of CI/CD tools to automate these processes, which contributes to increasing the efficiency of development and the quality of the final product. The article provides valuable information for developers who seek to create effective and secure web applications for medical clinics using modern technologies. The conclusions and recommendations presented in the study will help ensure high quality and compliance of the developed solutions with modern industry standards and requirements, which will contribute to increasing the efficiency of the work of medical institutions and the quality of medical services provided to patients
34
Qin, Anzhen, Yanjie Fang, Dongfeng Ning, Zhandong Liu, Ben Zhao, Junfu Xiao, Aiwang Duan e Beibei Yong. "Incorporation of Manure into Ridge and Furrow Planting System Boosts Yields of Maize by Optimizing Soil Moisture and Improving Photosynthesis". Agronomy 9, n. 12 (10 dicembre 2019): 865. http://dx.doi.org/10.3390/agronomy9120865.
Testo completoAbstract (sommario):
A sustainable management strategy of soil fertility and cropping system is critical to guaranteeing food security. However, little is known about the effects of soil amendment strategies on crop growth via regulating soil moisture and photosynthesis in a ridge and furrow cropping system. Here, field experiments were carried out in 2017 and 2018 in semi-arid areas of Loess Plateau, northwest China to investigate the effects of integrated use of ridge and furrow planting and manure amendment on grain yields of maize. Four treatments were designed: CK (flat planting with 100% chemical fertilizer), RFC (ridge and furrow planting with 100% chemical fertilizer), RFR (ridge and furrow planting with 100% control-released fertilizer), and RFM (ridge and furrow planting with 50% manure fertilizer + 50% N fertilizer). On average, RFM increased photosynthetic rates (Pn) by 74%, followed by RFR by 47%, and RFC by 26%, compared to CK. Also, stomatal conductance (Cd), transpiration rates (Tr), and intercellular CO2 concentration (Ci) were highest with RFM, followed by RFR and RFC. Averaged across the two years, RFM conserved 10% more soil water storage (SWS) than CK did at harvest, followed by RFR with an increment by 8%. However, RFC consumed more soil water than CK did, with its ETc 8% higher than CK. Consequently, spring maize treated with RFM suffered less drought stress, especially in 2017 when precipitation was insufficient. On average, grain yields and water use efficiency of RFM were increased by 18% and 27%, compared to CK. Structural equation modeling analysis showed that there existed significant positive correlation between SWS in top layers and grain yields, while SWS in deep layers had negative effects on grain yields. In conclusion, the incorporation of manure into ridge and furrow planting system can be an efficient agronomic practice to improve plant photosynthesis, optimize soil moisture, and boost grain yields in semi-arid areas of Loess Plateau, northwest China.
35
Soma, Venkat. "Enhancing CI/CD Pipelines with Azure Pipelines". Journal of Engineering and Applied Sciences Technology, 31 agosto 2024, 1–4. http://dx.doi.org/10.47363/jeast/2024(6)e108.
Testo completoAbstract (sommario):
This paper has provided in-depth insight on the optimisation of continuous deployment and continuous integration pipelines by using Azure pipelines in the Microsoft’s Azure DevOps suite. It effectively showed different challenges such as scalability issues, automation complexities, toolchain incompatibility. It showed the importance of cloud-based services, security measures and containerization. Through leveraging the effective resource utilization and dynamic testing, the Azure pipeline increase the software reliability and efficiency. This study outlines the benefits for different industries such as sports in which the continuous updates and real-time data analytics is vital.
36
Pan, Ziyue, Wenbo Shen, Xingkai Wang, Yutian Yang, Rui Chang, Yao Liu, Chengwei Liu, Yang Liu e Kui Ren. "Ambush From All Sides: Understanding Security Threats in Open-Source Software CI/CD Pipelines". IEEE Transactions on Dependable and Secure Computing, 2023, 1–16. http://dx.doi.org/10.1109/tdsc.2023.3253572.
Testo completo
37
Kağızmandere, Ömercan, e Halil Arslan. "Vulnerability analysis based on SBOMs: A model proposal for automated vulnerability scanning for CI/CD pipelines". International Journal of Information Security Science, 28 giugno 2024. http://dx.doi.org/10.55859/ijiss.1455039.
Testo completoAbstract (sommario):
The software bill of materials (SBOM) emerged in 2018 as an important component in software security and software supply chain management. SBOM is an inventory presented as a list of the components that make up software. In recent years, whether software products contain vulnerabilities is a phenomenon that should be checked regularly by the users of that product. This paper deals with the systematic identification and vulnerability analysis of software components based on the concept of software bill of materials. The fact that a software product itself does not contain vulnerabilities does not mean that the software product is secure. Even if software projects do not contain any vulnerabilities when examined alone, there may be vulnerabilities in their components. Vulnerabilities in the dependencies or components of the product may be sufficient for cyber attackers to exploit that product. Minimizing the damage caused by vulnerabilities in software components is the basis of cyber security efforts. In this study, the necessity of automatically generating software bill of materials in software development/deployment environments (CI/CD) and performing vulnerability analysis on this bill of materials is demonstrated and a suitable model is proposed.
38
Raut, Rahul. "Implementation of a Continuous Integration and Deployment Pipeline for Containerized Applications in Amazon Web Services Using Jenkins". INTERANTIONAL JOURNAL OF SCIENTIFIC RESEARCH IN ENGINEERING AND MANAGEMENT 06, n. 11 (23 novembre 2022). http://dx.doi.org/10.55041/ijsrem16948.
Testo completoAbstract (sommario):
Today, cloud computing is the preferred option for the majority of businesses. DevOps techniques have been developed as a result, requiring developers to collaborate closely with network engineers to ensure the quick and secure deployment of their applications. Many organizations adopt DevOps and Continuous Integration and Continuous Deployment (CI/CD) techniques to address the slow delivery of services to customers as in Traditional IT approaches, which better meets customer needs. Thanks to the high flexibility and scalability of the infrastructure in the Cloud, DevOps, which unifies developers and operations teams, can bridge the gap between them. Automation is a representation of the CI/CD central approach. This does away with the requirement for human checks, but it does not come without security risk.
39
N, Sravani, Sai Raju O, Harish Ch, Anil Kumar B e Anirudh S. "Machine Learning for Web Vulnerability Detection: The Case of Cross-Site Request Forgery". International Journal Of Scientific Research In Engineering & Technology, 5 febbraio 2024, 29. http://dx.doi.org/10.59256/ijsreat.20240401005.
Testo completoAbstract (sommario):
Cross-site request forgery (CSRF) vulnerabilities pose a significant threat to web application security, enabling attackers to execute unauthorized actions on behalf of authenticated users. Conventional CSRF detection methods, such as manual code review and static analysis, are often time-consuming, error-prone, and inefficient. Proposes Mitch, a novel machine learning (ML)-based solution for the black-box detection of CSRF vulnerabilities. Mitch employs supervised learning, trained on a comprehensive dataset of HTTP requests and responses, to effectively identify security-sensitive HTTP requests and uncover CSRF vulnerabilities within them. Rigorous evaluations on a diverse set of real-world web applications demonstrate Mitch's remarkable ability to detect CSRF vulnerabilities with high accuracy, outperforming traditional methods. Mitch's automated nature eliminates the need for manual code review and static analysis, saving time and effort while reducing the risk of human error. Additionally, Mitch's scalability allows seamless integration into continuous integration and continuous delivery (CI/CD) pipelines, enabling continuous security monitoring and vulnerability detection. Mitch's efficacy extends beyond detecting known CSRF vulnerabilities. Its ability to identify patterns and relationships enables it to uncover obscure CSRF vulnerabilities that may have been overlooked by traditional methods, including zero-day vulnerabilities. In conclusion, Mitch emerges as a powerful tool for enhancing web application security, offering a comprehensive and automated solution for detecting CSRF vulnerabilities. Its ability to handle complex web applications, uncover hidden CSRF vulnerabilities, and integrate into CI/CD pipelines makes it an indispensable tool for web security professionals. Mitch's adoption has the potential to significantly reduce the risk of CSRF attacks and safeguard sensitive user data. We propose a methodology to leverage machine learning (ML) for the detection of web application vulnerabilities. We use it in the design of Mitch, the first ML solution for the black-box detection of cross-site request forgery vulnerabilities. Finally, we show the effectiveness of Mitch on real software. In this project, we propose a methodology to leverage Machine Learning (ML) for the detection of web application vulnerabilities. Web applications are particularly challenging to analyses, due to their diversity and the widespread adoption of custom programming practices. ML is thus very helpful for web application security it can take advantage of manually labeled data to bring the human understanding of the web application semantics into automated analysis toolsMitch allowed us to identify 35 new CSRFs on 20 major websites and 3 new CSRFs on production software. Keywords: Mitch, CSRF, CI/CD pipelines, Security Token Service (STS), Same-Origin Policy (SOP).
40
-, Jesu Narkarunai Arasu Malaiyappan, Lavanya Shanmugam -, Kumaran Thirunavukkarasu - e Jawaharbabu Jeyaraman -. "Cloud Storage Security: Threats, Solutions, and Future Directions". International Journal For Multidisciplinary Research 5, n. 6 (29 novembre 2023). http://dx.doi.org/10.36948/ijfmr.2023.v05i06.16337.
Testo completoAbstract (sommario):
Cloud storage security is a paramount concern in today's digital landscape, as organizations increasingly rely on cloud services to store and manage their data. This research paper examines the threats, solutions, and future directions of cloud storage security, providing insights into the challenges faced by organizations and the strategies employed to mitigate risks. The paper explores various security threats such as data breaches, unauthorized access, and compliance issues, highlighting the importance of implementing robust security measures to protect sensitive information. Solutions discussed include encryption, access controls, security monitoring, and compliance frameworks, with a focus on integrating security into DevOps and CI/CD pipelines to ensure continuous protection. Additionally, the paper explores emerging technologies such as blockchain and homomorphic encryption, offering innovative approaches to enhance cloud storage security. Through case studies, real-world examples, and cost analysis, the paper illustrates the financial implications of cloud storage security initiatives and provides practical insights for organizations seeking to strengthen their security posture in the cloud.
41
Mogwitz, Sabine, Christian Albus, Petra Beschoner, Yesim Erim, Franziska Geiser, Lucia Jerg-Bretzke, Eva Morawa, Susann Steudte-Schmiedgen, Gloria-Beatrice Wintermann e Kerstin Weidner. "Mental distress of physicians in the outpatient care throughout the COVID-19 pandemic: emotional and supportive human relations matter – Cross-sectional results of the VOICE-study". BMC Health Services Research 23, n. 1 (12 maggio 2023). http://dx.doi.org/10.1186/s12913-023-09361-3.
Testo completoAbstract (sommario):
Abstract Background The aim of this cross-sectional study was to evaluate the course of self-reported mental distress and quality of life (QoL) of physicians, working in the outpatient care (POC). Outcomes were compared with a control group of physicians working in the inpatient care (PIC), throughout the Corona Virus Disease (COVID)-19 pandemic. The impact of risk and protective factors in terms of emotional and supportive human relations on mental distress and perceived QoL of POC were of primary interest. Methods Within the largest prospective, multi-center survey on mental health of health care workers (HCW), conducted during the first (T1) and second (T2) wave of the COVID-19 pandemic in Europe, we investigated the course of current burden (CB), depression (Patient Health Questionnaire-2), anxiety (Generalized Anxiety Disorder-2) and QoL, cross-sectionally, in n = 848 POC (T1: n = 536, T2: n = 312). The primary outcomes were compared with an age- and gender-matchted control group of n = 458 PIC (T1: n = 262, T2: n = 196). COVID-19-, work-related, social risk and protective factors were examined. Results At T1, POC showed no significant differences with respect to CB, depression, anxiety, and QoL, after Bonferroni correction. Whereas at T2, POC exhibited higher scores of CB (Cohen´s d/ Cd = .934, p < .001), depression (Cd = 1.648, p < 001), anxiety (Cd = 1.745, p < .001), work-family conflict (Cd = 4.170, p < .001) and lower QoL (Cd = .891, p = .002) compared with PIC. Nearly all assessed parameters of burden increased from T1 to T2 within the cohort of POC (e.g. depression: CD = 1.580, p < .001). Risk factors for mental distress of POC throughout the pandemic were: increased work-family conflict (CB: ß = .254, p < .001, 95% CI: .23, .28; PHQ-2: ß = .139, p = .011, 95% CI: .09, .19; GAD-2: ß = .207, p < .001, 95% CI: .16, .26), worrying about the patients´ security (CB: ß = .144, p = .007, 95% CI: .07, .22; PHQ-2: ß = .150, p = .006, 95% CI: .00, .30), fear of triage situations (GAD-2: ß = .132, p = .010, 95% CI: -.04, .31) and burden through restricted social contact in spare time (CB: ß = .146, p = .003, 95% CI: .07, .22; PHQ-2: ß = .187, p < .001, 95% CI: .03, .34; GAD-2: ß = .156, p = .003, 95% CI: -.01, .32). Protective factors for mental distress and QoL were the perceived protection by local authorities (CB: ß = -.302, p < .001, 95% CI: -.39, -.22; PHQ-2: ß = -.190, p < . 001, 95% CI: -.36, -.02; GAD-2: ß = -.211, p < .001, 95% CI: -.40, -.03; QoL: ß = .273, p < .001, 95% CI: .18, .36), trust in colleagues (PHQ-2: ß = -.181, p < .001, 95% CI: -.34, -.02; GAD-2: ß = -.199, p < .001, 95% CI: -.37, -.02; QoL: ß = .124, p = .017, 95% CI: .04, .21) and social support (PHQ-2: ß = -.180, p < .001, 95% CI: -.22, -.14; GAD-2: ß = -.127, p = .014, 95% CI: -.17, -.08; QoL: ß = .211, p < .001, 95% CI: .19, .23). Conclusions During the pandemic, the protective role of emotional and supportive human relations on the mental distress and quality of life of POC should be taken into account more thoroughly, both in practice and future research.
42
"Applying Unsupervised Machine Learning in Continuous Integration, Security and Deployment Pipeline Automation for Application Software System". International Journal of Recent Technology and Engineering 8, n. 4 (30 novembre 2019): 1426–30. http://dx.doi.org/10.35940/ijrte.d7387.118419.
Testo completoAbstract (sommario):
Continuous integration and Continuous Deployment (CICD) is a trending practice in agile software development. Using Continuous Integration helps the developers to find the bugs before it goes to the production by running unit tests, smoke tests etc. Deploying the components of the application in Production using Continuous Deployment, using this way, the new release of the application reaches the client faster. Continuous Security makes sure that the application is less prone to vulnerabilities by doing static scans on code and dynamic scans on the deployed releases. The goal of this study is to identify the benefits of adapting the Continuous Integration - Continuous Deployment in Application Software. The Pipeline involves Implementation of CI – CS - CD on a web application ClubSoc which is a Club Management Application and using unsupervised machine learning algorithms to detect anomalies in the CI-CS-CD process. The Continuous Integration is implemented using Jenkins CI Tool, Continuous Security is implemented using Veracode Tool and Continuous Deployment is done using Docker and Jenkins. The results have shown by adapting this methodology, the author is able to improve the quality of the code, finding vulnerabilities using static scans, portability and saving time by automation in deployment of applications using Docker and Jenkins. Applying machine learning helps in predicting the defects, failures and trends in the Continuous Integration Pipeline, whereas it can help in predicting the business impact in Continuous Delivery. Unsupervised learning algorithms such as K-means Clustering, Symbolic Aggregate Approximation (SAX) and Markov are used for Quality and Performance Regression analysis in the CICD Model. Using the CICD model, the developers can fix the bugs pre-release and this will impact the company as a whole by raising the profit and attracting more customers. The Updated Application reaches the client faster using Continuous Deployment. By Analyzing the failure trends using Unsupervised machine learning, the developers might be able to predict where the next error is likely to happen and prevent it in the pre-build stage
43
Farhat, Fozia, Muhammad Arfan, Xiukang Wang, Arneeb Tariq, Muhammad Kamran, Hafiza Naila Tabassum, Ifra Tariq et al. "The Impact of Bio-Stimulants on Cd-Stressed Wheat (Triticum aestivum L.): Insights Into Growth, Chlorophyll Fluorescence, Cd Accumulation, and Osmolyte Regulation". Frontiers in Plant Science 13 (18 febbraio 2022). http://dx.doi.org/10.3389/fpls.2022.850567.
Testo completoAbstract (sommario):
It has been established that wheat (Triticum aestivum L.) has a higher Cd absorption capacity than other cereal crops causing an excess daily Cd intake and a huge threat for public health. Therefore, the reduction of Cd accumulation in wheat from the soil is a crucial food-security issue. A pot trial was performed on Cd-stressed wheat seedlings to evaluate the morphological and physio-biochemical responses via foliage spray of two different bio-stimulants, i.e., ascorbic acid (AsA) and moringa leaf extract (MLE). Two wheat cultivars (Fsd-08 and Glxy-13) were exposed to cadmium (CdCl2.5H2O) stress (0, 500, and 1,000 μM), along with foliar spray of AsA (0 and 50 mM) and MLE (0 and 3%). The most observable growth reduction was documented in plants that are exposed to a higher Cd concentration (1,000 μM), followed by the lower Cd level (500 μM). The wheat growth attributes, such as number of leaves per plant, number of tillers per plant, biomass yield, shoot/root length, and leaf area, were greatly depressed under the Cd stress, irrespective of the cultivar. Under the increasing Cd stress, a significant diminution was observed in maximum photochemical efficiency (Fv/Fm), photochemical quenching (qP), and electron transport rate (ETR) accompanied with reduced gas exchange attributes. However, Cd-induced phytotoxicity enhanced the non-photochemical quenching (NPQ) and internal carbon dioxide concentration (Ci), which was confirmed by their significant positive correlation with Cd contents in shoot and root tissues of both cultivars. The contents of proline, AsA, glycine betaine (GB), tocopherol, total free amino acid (TFAA), and total soluble sugar (TSS) were greatly decreased with Cd stress (1,000 μM), while MLE and AsA significantly enhanced the osmolytes accumulation under both Cd levels (especially 500 μM level). The Cd accumulation was predominantly found in the root as compared to shoots in both cultivars, which has declined after the application of MLE and AsA. Conclusively, MLE was found to be more effective to mitigate Cd-induced phytotoxicity up to 500 μM Cd concentration, compared with the AsA amendment.
44
Patharlagadda, Pallavi Priya. "Integration of SonarQube, The Quality Inspector for GO & Docker Compose". Journal of Engineering and Applied Sciences Technology, 31 agosto 2023, 1–5. http://dx.doi.org/10.47363/jeast/2023(5)e111.
Testo completoAbstract (sommario):
Project success at any company is mostly dependent on code quality and security. Continuous evaluation of code quality is necessary to attain peak efficiency and minimize the likelihood of mistakes. Nevertheless, without the use of a static code analysis tool, achieving complete code visibility might be difficult. The SonarQube platform will be of interest to your company if your software development team is looking to enhance code quality. Nonetheless, developers must make sure that coding standards are followed at all times if their teams employ a CI/CD pipeline to update the code base. This article will define SonarQube, highlight some of its best features, and discuss why companies should use it for code analysis, and integrate it with a GO project and Docker Compose.
45
Малыгин, Д. С. "Microservice architecture in cloud systems: risks and application opportunities in 2024–2030". МОДЕЛИРОВАНИЕ, ОПТИМИЗАЦИЯ И ИНФОРМАЦИОННЫЕ ТЕХНОЛОГИИ 12, n. 2(45) (7 aprile 2024). http://dx.doi.org/10.26102/2310-6018/2024.45.2.029.
Testo completoAbstract (sommario):
Микросервисная архитектура (МСА) выступает как современный подход в разработке программного обеспечения, нацеленный на обеспечение гибкости, масштабируемости и устойчивости к изменениям требований со стороны бизнеса и технологий. Предмет данного исследования заключается в выявлении и анализе возможностей и рисков применения МСА в контексте операционных систем (ОС), что актуально на фоне все ускоряющейся цифровизации и повышения требований к программному обеспечению. Целью работы является оценка и прогнозирование роли МСА в будущем ОС, включая анализ текущих тенденций и предсказание развития на ближайшее десятилетие. Методология исследования базируется на сравнительном анализе микросервисных и монолитных архитектур, а также включает в себя рассмотрение данных из актуальных исследовательских работ, посвященных МСА. Основные результаты исследования подчеркивают значительное увеличение эффективности и производительности программных систем за счет внедрения МСА, что демонстрируется на примере ускорения разработки и улучшения возможности непрерывной интеграции и доставки (CI/CD), а также повышении отказоустойчивости систем. Также были выявлены и систематизированы ключевые риски и проблемы, связанные с применением микросервисов, включая сложности управления и потенциальные угрозы безопасности, что представляет собой необходимость в разработке специализированных инструментов и подходов к обеспечению безопасности и мониторинга микросервисных систем. Ценность данного исследования заключается в обеспечении глубокого понимания роли и места МСА в современных ОС, предоставляя комплексный анализ рисков и возможностей, что служит основой для разработки стратегий эффективного внедрения и использования микросервисов. Полученные результаты и рекомендации способствуют улучшению практических навыков и развитию концепций в области системной архитектуры, предоставляя ценные указания для ИТ-специалистов, системных архитекторов и разработчиков в области оптимизации программного обеспечения и повышения его надежности и производительности. Microservices architecture (MSA) represents a modern approach in software development, aimed at enhancing flexibility, scalability, and resilience to changes in both business and technological requirements. This study focuses on identifying and analyzing the opportunities and risks of applying MSA within the context of operating systems (OS), which is particularly relevant against the backdrop of accelerating digitalization and increasing software demands. The objective of the study is to assess and forecast the role of MSA in the future of OS, including an analysis of current trends and predictions for the coming decade. The research methodology is based on a comparative analysis of microservices and monolithic architectures and includes data from current research works dedicated to MSA. The main findings of the study underscore the significant increase in efficiency and performance of software systems through the implementation of MSA, demonstrated by the acceleration of development and improvement of continuous integration and delivery (CI/CD) capabilities, as well as enhanced system resilience. Key risks and issues related to the use of microservices were also identified and systematized, including management challenges and potential security threats, highlighting the need for the development of specialized tools and approaches for security and monitoring of microservices systems. The value of this research lies in providing a deep understanding of the role and place of MSA in modern OS, offering a comprehensive analysis of risks and opportunities, serving as a foundation for developing effective implementation and utilization strategies of microservices. The results and recommendations contribute to the improvement of practical skills and the development of concepts in system architecture, providing valuable guidance for IT professionals, system architects, and developers in the field of software optimization and enhancing its reliability and performance.
46
Elhemri, Mansour, Iman Reksowardojo, Kanit Wattanavichien e Wiranto Arismunandar. "A comparative study for the effects of synthetic diesel fuels on the performance and emissions of a single cylinder DI diesel engine". Libyan Journal for Engineering Research 1, n. 2 (3 settembre 2017). http://dx.doi.org/10.37376/lyjer.v1i2.471.
Testo completoAbstract (sommario):
The high cost of crude oil, the volatility of the international energy market, the nation energy supply security and the negative environmental impacts have been significantly stimulating the use of alternative fuel in engine applications. The production process of waste cooking oil and waste plastic to diesel-range paraffinic compositions was appropriately proposed according to the conditions of the socioeconomic situations. Two alternative synthetic diesel fuels from waste cooking oil and from waste plastic were successfully manufactured by Biomass R&D Centre of Chulalongkorn University, Saraburi, and had been used in this study. Pyrolysis (thermal cracking) process was implemented to break the long chain hydrocarbons, which is the main composition of waste plastics and waste cooking oil, to diesel range hydrocarbons. The main target of this research is to evaluate the influence of using two synthetic diesels and palm cooking oil biodiesel (palm methyl ester) on the performance, and emissions of a direct-injection single cylinder diesel engine comparing with conventional diesel fuel (CD) as base line. Test bench experiments (constant speed steady state) were conducted with a single cylinder DI CI engine at 1400, 1700 and 2100 rpm, along selected part load. The acquired data was a comparative analysis dealt with: brake specific fuel consumption, brake specific energy consumption, brake thermal efficiency, and exhaust emissions. The knowledge of these comparative results on engine performance obtained in this research can be used to develop high performance green fuels in a near future. The results provided a realistic experimental investigation in terms of using such alternative diesel fuels on diesel engines in Southeast Asian countries.