Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Securing physical IT infrastructures through immutability
Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering.
2019 (English)Independent thesis Advanced level (degree of Master (Two Years)), 80 credits / 120 HE creditsStudent thesis
Abstract [en]

Configuration drifts are one of issues IT infrastructures of any sort are confronting with nowadays. They representdifferences in configurations of servers participating to the same service and are a main source of vulnerabilitiesand service disruption. For cloud and virtual environments, there is already a solution that makes sure servers’configurations are kept consistent - immutability. Immutability is a DevOps practice which implies redeployingor recreating servers frequently with the same configuration or an updated configuration, overriding any manualchanges. For physical servers, which are still present and needed in an infrastructure, it appears there are no similarsolutions and relevant research in this direction appears to be very limited. This research tries to determine theresources and steps for transforming physical servers into immutable servers and does this by creating a frameworkto implement immutability as it is implemented in cloud environments. The framework is built following standarddesign research steps and it is based on different resources like automation tools and existing immutabilityframeworks for cloud. In the end the framework feasibility is tested. The feasibility is assessed by measuring thetime spent in a deployment, the capacity to deploy multiple servers at the same time and the degree ofconfigurations drifts resulted after the deployment. The framework needs to be able to install servers in a shorttime in order to accommodate frequent installations, like it happens in cloud environments. It needs to be ableto install multiple servers in parallel in order to be attractive for engineers and speed deployments. It needs tomake sure all servers have the same configuration. Also, the framework needs to accommodate other infrastructurerequirements like security. Furthermore, a set of design principles are determined from the development process,these are the steps required to be followed in order to build similar frameworks, and not only for physical servers.Finally, this research can be extended to become an action design research by implementing the framework in abusiness environment and using it on a real production infrastructure. It remains to determine whether using theframework, the benefits immutability claims to have: eliminating configuration drifts, reducing security risks andreducing infrastructure management costs, and which proved to be difficult to achieve in physical serversinfrastructures, are attained over a longer period of time.

Place, publisher, year, edition, pages
2019. , p. 66
Keywords [en]
immutability, physical servers, bare-metal, DevOps, configuration drifts, vulnerabilities
National Category
Computer Systems
Identifiers
URN: urn:nbn:se:ltu:diva-75798OAI: oai:DiVA.org:ltu-75798DiVA, id: diva2:1347683
Subject / course
Student thesis, at least 30 credits
Educational program
Information Security, master's level (120 credits)
Presentation
2019-08-29, 11:00 (English)
Supervisors
Examiners
Available from: 2019-09-10 Created: 2019-09-02 Last updated: 2019-09-10Bibliographically approved

Open Access in DiVA

No full text in DiVA

Search in DiVA

By author/editor
Niculicea, Cristiana - Elinnore
By organisation
Department of Computer Science, Electrical and Space Engineering
Computer Systems

Search outside of DiVA

GoogleGoogle Scholar

urn-nbn

Altmetric score

urn-nbn
Total: 137 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf