Log Management Best Practices in Cloud Based Software Development Lifecycle, Expert Analysis

Logs are important because they describe the state of the system, and they can be used to identify any type of cyber-attack or to build a data-based picture of users' ways of working. Many recent laws and standards mandate log management. The NIS2 directive forces certain manufactur...

Bibliographic Details
Main Author: Alavesa, Piia
Other Authors: Informaatioteknologian tiedekunta, Faculty of Information Technology, University of Jyväskylä, Jyväskylän yliopisto
Format: Master's thesis
Language: eng
Published: 2024
Subjects: Master's Degree Programme in Cyber Security
Online Access: https://jyx.jyu.fi/handle/123456789/98565
Description: Logs are important because they report on system health and can be used to identify any type of cyber-attack or to give a data-based overview of users' ways of working. Recent legislation and standards enforce log management. The NIS2 directive forces certain manufacturers to take logging procedures into account in the phases of the software development process. Software management automation should be promoted as defined in the standards IEC 62443 and ISO 27001. This covers distribution of log management tools, technical guidance in log management, and delivering the needed data to the log management personnel. ISO 27001 even mentions as one of its controls that a secure development lifecycle should be established and applied. The target organization of this study operates in Global Software Development (GSD), where work is done in many locations simultaneously. In GSD, it is even more important that the security requirements are known and that certification is used. This is possible by centralizing log management with tools such as Centralized Log Management (CLM), agreed procedures, and building much of the functionality required for log management on the cloud platform.

The research method is expert analysis with qualitative interviews and a survey with six participants, all of whom have several years of domain expertise. The research gathers the views of subject matter experts on log management best practices and also reflects the legislation, standards, literature review, and articles on the topic. The gathered data was analyzed inductively via theming with respect to the software development process, tooling, logging-related requirements, and logging activities.

This research concludes that log management activities should be built on the Software Development Lifecycle (SDLC). By focusing on the process of how solutions are built, one can ensure that the product being built will be of good quality. All interviewed experts agreed that a well-defined cloud architecture helps to ensure that many of the log-related requirements are handled appropriately. Equally important is to set up standardized log management processes as ways of working, such as log inspections, following secure coding practices such as OWASP (Open Worldwide Application Security Project), and using tools that support the SDLC process, such as Jira, to organize and track the work.
Advisor: Koskelainen, Tiina
Extent: 76
Rights: CC BY-NC-ND 4.0 (https://creativecommons.org/licenses/by-nc-nd/4.0/), © The Author(s), openAccess
URN: URN:NBN:fi:jyu-202411207398 (http://www.urn.fi/URN:NBN:fi:jyu-202411207398)
Full text (PDF): https://jyx.jyu.fi/bitstreams/d5e17b09-e1c6-42d2-b265-f1687c15c59f/download