CIATfunc: a frame-based serverless framework for composing secure end-to-end applications
摘要
End-to-end applications (E2E-Apps) are essential for secure and seamless data exchange in scenarios like cloud-based data sharing and decentralized environments. However, they face challenges adapting to changing requirements, integrating security, computing, and storage services, and managing resources effectively in dynamic environments. This paper introduces CIATfunc, a framework for composing Secure End-to-End applications (SecE2E-Apps) by addressing these challenges through the combination of Policy-as-Code for defining high-level security requirements with Infrastructure-as-Code for automating resource provisioning and management. This integration ensures secure, scalable, and efficient workflows tailored to specific needs. The CIATfunc framework was validated through a controlled evaluation and a case study involving the secure exchange of tomographic imagery between valid users and registering transactions in a blockchain (BC). Results demonstrated its capability to build customized and traceable SecE2E-Apps while significantly improving performance through parallel execution of security tasks and efficient resource management.