Advanced Role-Based Access Control Models for Azure DevOps and CyberArk Integration
Abstract
The growing adoption of cloud DevOps systems calls for strong, fine-grained access control to protect the confidentiality of code repositories, deployment pipelines, and privileged identities. This paper reviews Role-Based Access Control (RBAC) models designed specifically for integrating Microsoft Azure DevOps with CyberArk privileged access management. We propose a simple RBAC system that combines the tiered roles of Azure DevOps with CyberArk vault access control to enable fine-grained authorization, automatic privilege provisioning, and real-time auditing. The framework introduces dynamic role mapping, context-aware permission elevation, and separation-of-duty enforcement, and addresses common problems of multi-team collaborative settings. A prototype implementation was built to test the model; it simulated enterprise-scale user hierarchies and sensitive repository workflows. Evaluation metrics include access request latency and the correctness and coverage of policy enforcement against the security requirements. The results also show that the distributed RBAC system reduces unauthorized claims by 72 percent, and brings the administrative load and responsible traces across DevOps pipelines down by 45 percent. The study also indicates how RBAC policies should be aligned with organizational governance standards and with best practices in permission inheritance, least privilege, and cross-platform synchronization between Azure DevOps and CyberArk. The analysis shows that the approach is practicable for hybrid DevOps settings while keeping operations agile. Future research will look at further areas needed to improve adaptive RBAC applied with AI-based anomaly detection to better predict insider threats.
Article Information
| Journal | International Journal of Advanced Engineering Science and Information Technology (IJAESIT) |
|---|---|
| Volume (Issue) | Vol. 7 No. 3 (2024): International Journal of Advanced Engineering Science and Information Technology (IJAESIT) |
| DOI | |
| Pages | 14069-14076 |
| Published | May 12, 2024 |
| Copyright | |
| Open Access | This work is licensed under a Creative Commons Attribution 4.0 International License. |
| How to Cite | Suresh Pairu Subramanyam (2024). Advanced Role-Based Access Control Models for Azure DevOps and CyberArk Integration. International Journal of Advanced Engineering Science and Information Technology (IJAESIT), Vol. 7 No. 3 (2024): International Journal of Advanced Engineering Science and Information Technology (IJAESIT), pp. 14069-14076. https://doi.org/10.15662/IJAESIT.2024.0703004 |