{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,7]],"date-time":"2026-05-07T15:50:53Z","timestamp":1778169053684,"version":"3.51.4"},"publisher-location":"New York, NY, USA","reference-count":37,"publisher":"ACM","license":[{"start":{"date-parts":[[2023,12,4]],"date-time":"2023-12-04T00:00:00Z","timestamp":1701648000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/501100001659","name":"Deutsche Forschungsgemeinschaft","doi-asserted-by":"publisher","award":["314720630"],"award-info":[{"award-number":["314720630"]}],"id":[{"id":"10.13039\/501100001659","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100002428","name":"Austrian Science Fund","doi-asserted-by":"publisher","award":["I 4731-N"],"award-info":[{"award-number":["I 4731-N"]}],"id":[{"id":"10.13039\/501100002428","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2023,12,4]]},"DOI":"10.1145\/3603166.3632135","type":"proceedings-article","created":{"date-parts":[[2024,4,4]],"date-time":"2024-04-04T19:23:27Z","timestamp":1712258607000},"page":"1-11","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":3,"title":["Compliance Management of IaC-Based Cloud Deployments During Runtime"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-8064-9293","authenticated-orcid":false,"given":"Ghareeb","family":"Falazi","sequence":"first","affiliation":[{"name":"Institute of Architecture of Application Systems, University of Stuttgart, Stuttgart, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1011-4362","authenticated-orcid":false,"given":"Lukas","family":"Harzenetter","sequence":"additional","affiliation":[{"name":"Institute of Architecture of Application Systems, University of Stuttgart, Stuttgart, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1392-9789","authenticated-orcid":false,"given":"K\u00e1lm\u00e1n","family":"K\u00e9pes","sequence":"additional","affiliation":[{"name":"Institute of Architecture of Application Systems, University of Stuttgart, Stuttgart, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9123-259X","authenticated-orcid":false,"given":"Frank","family":"Leymann","sequence":"additional","affiliation":[{"name":"Institute of Architecture of Application Systems, University of Stuttgart, Stuttgart, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8816-5541","authenticated-orcid":false,"given":"Uwe","family":"Breitenb\u00fccher","sequence":"additional","affiliation":[{"name":"Reutlingen University, Reutlingen, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7997-905X","authenticated-orcid":false,"given":"Evangelos","family":"Ntentos","sequence":"additional","affiliation":[{"name":"Research Group Software Architecture, Faculty of Computer Science, University of Vienna, Vienna, Austria"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6233-2591","authenticated-orcid":false,"given":"Uwe","family":"Zdun","sequence":"additional","affiliation":[{"name":"Research Group Software Architecture, Faculty of Computer Science, University of Vienna, Vienna, Austria"}]},{"ORCID":"https:\/\/orcid.org\/0009-0007-7641-3257","authenticated-orcid":false,"given":"Martin","family":"Becker","sequence":"additional","affiliation":[{"name":"IBM Deutschland, B\u00f6blingen, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0009-0006-7009-8455","authenticated-orcid":false,"given":"Elena","family":"Heldwein","sequence":"additional","affiliation":[{"name":"IBM Deutschland, B\u00f6blingen, Germany"}]}],"member":"320","published-online":{"date-parts":[[2024,4,4]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Amazon Web Services. 2023. AWS Config Documentation. https:\/\/docs.aws.amazon.com\/config\/"},{"key":"e_1_3_2_1_2_1","volume-title":"Michele Guerriero, and Damian Andrew Tamburri.","author":"Artac Matej","year":"2017","unstructured":"Matej Artac, Tadej Borovssak, Elisabetta Di Nitto, Michele Guerriero, and Damian Andrew Tamburri. 2017. DevOps: Introducing Infrastructure-as-Code. In IEEE\/ACM ICSE-C'17. 497--498."},{"key":"e_1_3_2_1_3_1","volume-title":"OpenTOSCA - A Runtime for TOSCA-based Cloud Applications. In ICSOC'13","volume":"8274","author":"Binz Tobias","year":"2013","unstructured":"Tobias Binz, Uwe Breitenb\u00fccher, Florian Haupt, Oliver Kopp, Frank Leymann, Alexander Nowak, and Sebastian Wagner. 2013. OpenTOSCA - A Runtime for TOSCA-based Cloud Applications. In ICSOC'13, Vol. 8274. Springer, 692--695."},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1109\/TPAMI.2004.75"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2020.110726"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.softx.2020.100633"},{"key":"e_1_3_2_1_7_1","unstructured":"Defense Information Systems Agency. 2023. Security Technical Implementation Guides (STIGs). https:\/\/public.cyber.mil\/stigs\/"},{"key":"e_1_3_2_1_8_1","volume-title":"On Unifying the Compliance Management of Applications Based on IaC Automation","author":"Falazi Ghareeb","unstructured":"Ghareeb Falazi, Uwe Breitenb\u00fccher, Frank Leymann, Miles St\u00f6tzner, Evangelos Ntentos, Uwe Zdun, Martin Becker, and Elena Heldwein. 2022. On Unifying the Compliance Management of Applications Based on IaC Automation. In IEEE ICSA-C'22. IEEE, 226--229."},{"key":"e_1_3_2_1_9_1","volume-title":"SECURWARE'17","author":"Fischer Markus","year":"2017","unstructured":"Markus Fischer, Uwe Breitenb\u00fccher, K\u00e1lm\u00e1n K\u00e9pes, and Frank Leymann. 2017. Towards an Approach for Automatically Checking Compliance Rules in Deployment Models. In SECURWARE'17. Xpert Publishing Services (XPS), 150--153."},{"key":"e_1_3_2_1_10_1","unstructured":"Forum of Incident Response and Security Teams Inc. 2019. Common Vulnerability Scoring System version 3.1: User Guide. https:\/\/www.first.org\/cvss\/user-guide"},{"key":"e_1_3_2_1_11_1","unstructured":"Google Cloud. 2023. Security Command Center. https:\/\/cloud.google.com\/security-command-center"},{"key":"e_1_3_2_1_12_1","volume-title":"CLOSER'21","author":"Harzenetter Lukas","year":"2021","unstructured":"Lukas Harzenetter, Tobias Binz, Uwe Breitenb\u00fccher, Frank Leymann, and Michael Wurster. 2021. Automated Generation of Management Workflows for Running Applications by Deriving and Enriching Instance Models. In CLOSER'21. SciTePress, 99--110."},{"key":"e_1_3_2_1_13_1","first-page":"1","article-title":"An Integrated Management System for Composed Applications Deployed by Different Deployment Automation Technologies","volume":"4","author":"Harzenetter Lukas","year":"2023","unstructured":"Lukas Harzenetter, Uwe Breitenb\u00fccher, Tobias Binz, and Frank Leymann. 2023. An Integrated Management System for Composed Applications Deployed by Different Deployment Automation Technologies. SN Computer Science 4, 370 (2023), 1--16.","journal-title":"SN Computer Science"},{"key":"e_1_3_2_1_14_1","first-page":"2","article-title":"Rule-based runtime verification revisited","volume":"17","author":"Havelund Klaus","year":"2014","unstructured":"Klaus Havelund. 2014. Rule-based runtime verification revisited. International Journal on Software Tools for Technology Transfer 17, 2 (April 2014), 143--170.","journal-title":"International Journal on Software Tools for Technology Transfer"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.2307\/25148625"},{"key":"e_1_3_2_1_16_1","volume-title":"METRICS'05","author":"Hove S.E.","unstructured":"S.E. Hove and B. Anda. 2005. Experiences from conducting semi-structured interviews in empirical software engineering research. In METRICS'05. 10--23."},{"key":"e_1_3_2_1_17_1","volume-title":"Continuous Delivery: Reliable Software Releases through Build, Test, and Deployment Automation","author":"Humble Jez","year":"2010","unstructured":"Jez Humble and David Farley. 2010. Continuous Delivery: Reliable Software Releases through Build, Test, and Deployment Automation. Addison-Wesley Professional."},{"key":"e_1_3_2_1_18_1","volume-title":"Proceedings of the 8th European Conference on Service-Oriented and Cloud Computing (ESOCC","author":"Krieger Christoph","year":"2020","unstructured":"Christoph Krieger, Uwe Breitenb\u00fccher, Michael Falkenthal, Frank Leymann, Vladimir Yussupov, and Uwe Zdun. 2020. Monitoring Behavioral Compliance with Architectural Patterns Based on Complex Event Processing. In Proceedings of the 8th European Conference on Service-Oriented and Cloud Computing (ESOCC 2020). Springer International Publishing, 125--140."},{"key":"e_1_3_2_1_19_1","unstructured":"Christoph Krieger Uwe Breitenb\u00fccher K\u00e1lm\u00e1n K\u00e9pes and Frank Leymann. 2018. An Approach to Automatically Check the Compliance of Declarative Deployment Models. In SummerSoC'18. IBM Research Division 76--89."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.infsof.2021.106593"},{"key":"e_1_3_2_1_21_1","volume-title":"Towards Semantic Detection of Smells in Cloud Infrastructure Code. In WIMS'20","author":"Kumara Indika","year":"2020","unstructured":"Indika Kumara, Zoe Vasileiou, Georgios Meditskos, Damian A. Tamburri, Willem-Jan Van Den Heuvel, Anastasios Karakostas, Stefanos Vrochidis, and Ioannis Kompatsiaris. 2020. Towards Semantic Detection of Smells in Cloud Infrastructure Code. In WIMS'20 (Biarritz, France). ACM, 63--67."},{"key":"e_1_3_2_1_22_1","unstructured":"Microsoft. 2023. Azure Policy Documentation. https:\/\/learn.microsoft.com\/en-us\/azure\/governance\/policy\/"},{"key":"e_1_3_2_1_23_1","volume-title":"Infrastructure as Code: Dynamic Systems for the Cloud","author":"Morris Kief","unstructured":"Kief Morris. 2020. Infrastructure as Code: Dynamic Systems for the Cloud. Vol. 2. O'Reilly."},{"key":"e_1_3_2_1_25_1","volume-title":"ECSA'20","author":"Ntentos Evangelos","year":"2020","unstructured":"Evangelos Ntentos, Uwe Zdun, Konstantinos Plakidas, Sebastian Meixner, and Sebastian Geiger. 2020. Assessing Architecture Conformance to Coupling-Related Patterns and Practices in Microservices. In ECSA'20."},{"key":"e_1_3_2_1_26_1","volume-title":"ICSOC'20","author":"Ntentos Evangelos","year":"2020","unstructured":"Evangelos Ntentos, Uwe Zdun, Konstantinos Plakidas, Sebastian Meixner, and Sebastian Geiger. 2020. Metrics for Assessing Architecture Conformance to Microservice Architecture Patterns and Practices. In ICSOC'20."},{"key":"e_1_3_2_1_27_1","unstructured":"Palo Alto Networks Inc. 2023. Prisma\u2122 Cloud Administrator's Guide. https:\/\/docs.paloaltonetworks.com\/prisma\/prisma-cloud\/prisma-cloud-admin"},{"key":"e_1_3_2_1_28_1","volume-title":"Tao Xu, Greg Brockman, Christine McLeavey, and Ilya Sutskever.","author":"Radford Alec","year":"2022","unstructured":"Alec Radford, Jong Wook Kim, Tao Xu, Greg Brockman, Christine McLeavey, and Ilya Sutskever. 2022. Robust Speech Recognition via Large-Scale Weak Supervision. arXiv:2212.04356"},{"key":"e_1_3_2_1_29_1","unstructured":"Red Hat OpenShift Documentation Team. 2023. Security and Compliance OpenShift Container Platform. https:\/\/access.redhat.com\/documentation\/en-us\/openshift_container_platform\/4.13\/html\/security_and_compliance\/"},{"key":"e_1_3_2_1_30_1","volume-title":"An approach to automatically detect problems in restructured deployment models based on formalizing architecture and design patterns. SICS Software-Intensive Cyber-Physical Systems (Feb","author":"Saatkamp Karoline","year":"2019","unstructured":"Karoline Saatkamp, Uwe Breitenb\u00fccher, Oliver Kopp, and Frank Leymann. 2019. An approach to automatically detect problems in restructured deployment models based on formalizing architecture and design patterns. SICS Software-Intensive Cyber-Physical Systems (Feb. 2019), 1--13."},{"key":"e_1_3_2_1_31_1","volume-title":"MSR'16","author":"Sharma Tushar","year":"2016","unstructured":"Tushar Sharma, Marios Fragkoulis, and Diomidis Spinellis. 2016. Does Your Configuration Code Smell?. In MSR'16 (Austin, Texas). ACM, 189--200."},{"key":"e_1_3_2_1_32_1","volume-title":"Practical Fault Detection in Puppet Programs. In ICSE'20","author":"Sotiropoulos Thodoris","year":"2020","unstructured":"Thodoris Sotiropoulos, Dimitris Mitropoulos, and Diomidis Spinellis. 2020. Practical Fault Detection in Puppet Programs. In ICSE'20. ACM, 26--37."},{"key":"e_1_3_2_1_33_1","volume-title":"IEEE SANER'17","author":"van der Bent Eduard","year":"2018","unstructured":"Eduard van der Bent, Jurriaan Hage, Joost Visser, and Georgios Gousios. 2018. How good is your puppet? An empirically defined and validated quality model for puppet. In IEEE SANER'17. 164--174."},{"key":"e_1_3_2_1_34_1","unstructured":"VMware Aria Automation SaaS. 2023. Using Automation for Secure Hosts. https:\/\/docs.vmware.com\/en\/VMware-Aria-Automation\/SaaS\/using-automation-secure-hosts.pdf"},{"key":"e_1_3_2_1_35_1","unstructured":"VMWare Inc. 2023. Spring Expression Language. https:\/\/docs.spring.io\/spring-framework\/reference\/core\/expressions.html"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-43839-8"},{"key":"e_1_3_2_1_37_1","first-page":"63","article-title":"The Essential Deployment Metamodel: A Systematic Review of Deployment Automation Technologies","volume":"35","author":"Wurster Michael","year":"2019","unstructured":"Michael Wurster, Uwe Breitenb\u00fccher, Michael Falkenthal, Christoph Krieger, Frank Leymann, Karoline Saatkamp, and Jacopo Soldani. 2019. The Essential Deployment Metamodel: A Systematic Review of Deployment Automation Technologies. SICS 35 (2019), 63--75.","journal-title":"SICS"},{"key":"e_1_3_2_1_38_1","volume-title":"Deployment Enforcement Rules for TOSCA-based Applications. In SECURWARE'18","author":"Zimmermann Michael","year":"2018","unstructured":"Michael Zimmermann, Uwe Breitenb\u00fccher, Christoph Krieger, and Frank Leymann. 2018. Deployment Enforcement Rules for TOSCA-based Applications. In SECURWARE'18. XPS, 114--121."}],"event":{"name":"UCC '23: IEEE\/ACM 16th International Conference on Utility and Cloud Computing","location":"Taormina (Messina) Italy","acronym":"UCC '23","sponsor":["SIGARCH ACM Special Interest Group on Computer Architecture","IEEE TCSC"]},"container-title":["Proceedings of the IEEE\/ACM 16th International Conference on Utility and Cloud Computing"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3603166.3632135","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3603166.3632135","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T22:49:09Z","timestamp":1750286949000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3603166.3632135"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,12,4]]},"references-count":37,"alternative-id":["10.1145\/3603166.3632135","10.1145\/3603166"],"URL":"https:\/\/doi.org\/10.1145\/3603166.3632135","relation":{},"subject":[],"published":{"date-parts":[[2023,12,4]]},"assertion":[{"value":"2024-04-04","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}