Russian Federation
The paper addresses the formalization and automation of security policy design within Infrastructure as Code under the DevSecOps paradigm. Limitations of existing Policy-as-Code tools are analyzed. A low-code visual environment integrated into an IT inventory system is proposed. A graph-based formal model and transformation algorithm for generating executable rules are developed. Experimental results confirm a 48–56% reduction in policy development time while preserving control completeness.
DevSecOps, Infrastructure as Code, formal model, static analysis, security automation



