A Preliminary Study of Privilege Life Cycle in Software Management Platform Automation Workflows

Abstract

This paper focuses on the role of privileges in automation workflows within modern software development practices, which heavily rely on DevOps principles. Automation workflows, which are sets of automated software management processes, have become essential to software development and are integrated into software management platforms such as GitHub, GitLab, and BitBucket. However, privileges are crucial in ensuring the security and integrity of the software development process. This paper aims to identify the phases in which privileges are involved in automation workflows and analyze how these platforms handle the privilege life cycle in automation workflows to provide a better understanding of their security implications. The security discussion highlighted in this analysis aims to stimulate solutions and further research.