Abstract and keywords
Abstract:
The paper addresses the formalization and automation of security policy design within Infrastructure as Code under the DevSecOps paradigm. Limitations of existing Policy-as-Code tools are analyzed. A low-code visual environment integrated into an IT inventory system is proposed. A graph-based formal model and transformation algorithm for generating executable rules are developed. Experimental results confirm a 48–56% reduction in policy development time while preserving control completeness.

Keywords:
DevSecOps, Infrastructure as Code, formal model, static analysis, security automation
References

1. Sumin, V. I. Osobennosti vybora chlenov ekspertnoy gruppy dlya analiza funkcionirovaniya slozhnoy organizacionnoy sistemy silovyh struktur / V. I. Sumin, A. S. Dubrovin, I. S. Kuscheva // Modelirovanie sistem i processov. – 2024. – T. 17, № 4. – S. 77-83. – DOIhttps://doi.org/10.12737/2219-0767-2024-17-4-77-83. – EDN ISTAML.

2. Proskuryakov, A. A. Proektirovanie Low-code sredy razrabotki smart-kontraktov / A. A. Proskuryakov // Fundamental'nye i prikladnye aspekty komp'yuternyh tehnologiy i informacionnoy bezopasnosti : sbornik statey Vserossiyskoy nauchno-tehnicheskoy konferencii, Taganrog, 10–15 aprelya 2023 goda. – Taganrog: Yuzhnyy federal'nyy universitet, 2023. – S. 251-253. – EDN VGAGTZ.

3. Polyakova, A. V. Tehnologicheskie podhody k vnedreniyu geymifikacii v obrazovatel'nyy process / A. V. Polyakova // Chelovecheskiy kapital. – 2025. – № 5(197). – S. 136-144. – DOIhttps://doi.org/10.25629/HC.2025.05.13. – EDN UKXNNY.

4. Gur'eva, T. N. Proektirovanie i razrabotka programmnogo robota dlya avtomatizacii processov zakupok i upravleniya zapasami materialov / T. N. Gur'eva, E. A. Kuskunakova // Sovremennye naukoemkie tehnologii. – 2025. – № 11. – S. 23-29. – DOIhttps://doi.org/10.17513/snt.40562. – EDN GOFWUU.

5. Umarov, S. Z. Model' obrascheniya lekarstvennyh preparatov na baze otechestvennoy analiticheskoy platformy Loginom / S. Z. Umarov, R. A. Golubenko, A. A. Horunzhaya // Mediko-farmacevticheskiy zhurnal Pul's. – 2024. – T. 26, № 5. – S. 161-167. – DOIhttps://doi.org/10.26787/nydha-2686-6838-2024-26-5-161-168. – EDN CPEVNP. DOI: https://doi.org/10.26787/nydha-2686-6838-2024-26-5-161-167

6. Bogdanov, V. S. Proaktivnyy monitoring vypolneniya politiki bezopasnosti v komp'yuternyh setyah / V. S. Bogdanov, I. V. Kotenko // Zaschita informacii. Insayd. – 2007. – № 3(15). – S. 42-47. – EDN TRKKWV.

7. Koryakin, V. Yu. Testirovanie zaschity infrastruktury gpo na baze windows server: analiz uyazvimostey i metodov obhoda gruppovyh politik / V. Yu. Koryakin, E. V. Tischenko // Paradigma. – 2025. – № 5-5. – S. 227-237. – EDN OYWKYK.

Login or Create
* Forgot password?