Code Obfuscation in CI/CD Pipelines for Enhanced DevOps Security

Code Obfuscation in CI/CD Pipelines for Enhanced DevOps Security

연구 분야: Analysis

학회: 2024 International Conference on Artificial Intelligence, Blockchain, Cloud Computing, and Data Analytics (ICoABCD)

In recent years, DevOps (Development and Operations) has become an essential part of the software industry, offering practices that enable quick, reliable, and high-quality software delivery. The business world's increasing demand for speed and expertise has highlighted the need for DevOps methods that streamline development stages without compromising software quality. Concurrently, security breaches such as data leaks necessitate addressing security threats in software, especially in the DevOps process. It has led to integrating security into DevOps, termed DevSecOps, which enhances software quality by embedding security principles. CI/CD, a DevOps practice, involves continuous integration, delivery, and code deployment. Continuous Deployment ensures software stability through automated testing before server deployment. The main goal of this research is to overcome source code hijacking attempts while in the CI/CD pipeline; even if it happens, the source code will not be easy to read and prevent the possibility of being modified by unauthorized users; technical protection via obfuscation is essential. This research proposes using the Blowfish encryption algorithm for code obfuscation in the CI/CD pipeline. Blowfish is preferred due to its shorter encryptionldecryption times. This automated code obfuscation mechanism, implemented in the CI/CD pipeline using GitHub Actions, aims to develop secure systems by making the source code more difficult to understand, ensuring secure Continuous Deployment.