2 research outputs found
Recommended from our members
Scootr Studio: Serverless on Wheels
Significant increases in the amount of data being streamed, collected, and processed have resulted in widespread adoption of the use of microservices to build scalable software applications. Unfortunately, current tools and frameworks are often insufficient at providing a simple, unified experience for the design, development, and deployment of microservices. They also have the tendency to be overly-complicated, resource intensive, and vendor-specific. This Master’s Project Report introduces Scootr Studio, the first in a class of next-generation integrated development environments (IDEs) for microservice-based applications. Scootr Studio unifies the design, development, and deployment of microservice-based applications through the use of a small set of abstractions. These abstractions create an Event-Driven Application Architecture Model (EDAAM) that minimizes hosting-provider dependence. A laboratory study showed that software developers are able to build microservice-based applications 4.4 times faster using Scootr Studio than their existing IDE of choice. These users’ experiences also illustrate how the use of Scootr Studio eliminates common errors encountered during deployment of microservice-based applications. Participants in the laboratory study also completed a usability survey, where Scootr Studio was given favorable ratings for its learnability, memorability, efficiency, and error rate reduction. These promising results serve as a starting point for creating tools that provide a simpler, more holistic development experience for agile software development teams looking to properly utilize microservices in their systems
Access Control Process for a SaaS Provider
Access control is a process of limiting access to systems and services. It is a way by which the users are granted access and privileges to information and resources of an organization. The process involves controlling, managing, logging and reviewing access. It ensures that individuals in an organization are able to access and use the systems they need to do their job but do not have more than the needed access.
An organization's major asset is the information regarding customers, processes, products, and suppliers which are critical for its operations. The internet-based technologies provide integration of corporate applications, internal and third-party systems, decision support systems, knowledge management, and repositories. The most common threat to these critical resources is unauthorized access that can pave ways for malicious activities that are harmful and can lead to loss of confidentiality, integrity, and availability. In order to minimize the risks and ensure business continuity, access control process following the best practices should be in place.
In this thesis, an access control process for a SaaS organization is designed, implemented and tested. Protection of the proprietary information and resources is of prime importance for such an organization. The existing access control process is not following industry standards and best practices. As the organization is growing fast, the business and organizational requirements are also changing. In order to comply with standards for access control, the new access control process is carried out as per the guidelines provided by security standards while keeping in view the growing organization needs. All controls have been designed as per the requirements of SOC 2 and ISO 27001. The process is implemented mainly on the basis of role-based access (RBAC) model and the principle of “need to know”.
Client satisfaction, legal harmonization, and financial returns are among the benefits that the organization gets by having an access control process in line with security standards. Moreover, the organization is not only able to prevent data breaches but also meet the regional and worldwide regulations