{"id":"https://openalex.org/W7128495655","doi":"https://doi.org/10.3390/software5010006","title":"Integrating Continuous Compliance into DevSecOps Pipelines: A Data Engineering Perspective","display_name":"Integrating Continuous Compliance into DevSecOps Pipelines: A Data Engineering Perspective","publication_year":2026,"publication_date":"2026-02-10","ids":{"openalex":"https://openalex.org/W7128495655","doi":"https://doi.org/10.3390/software5010006"},"language":"en","primary_location":{"id":"doi:10.3390/software5010006","is_oa":true,"landing_page_url":"https://doi.org/10.3390/software5010006","pdf_url":"https://www.mdpi.com/2674-113X/5/1/6/pdf?version=1770712088","source":{"id":"https://openalex.org/S4210183365","display_name":"Software","issn_l":"2674-113X","issn":["2674-113X"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Software","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"https://www.mdpi.com/2674-113X/5/1/6/pdf?version=1770712088","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5125575228","display_name":"Aleksandr Zakharchenko","orcid":null},"institutions":[{"id":"https://openalex.org/I155673605","display_name":"Union University","ror":"https://ror.org/02c561939","country_code":"US","type":"education","lineage":["https://openalex.org/I155673605"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Aleksandr Zakharchenko","raw_affiliation_strings":["Independent Researcher, Union, NJ 07083, USA"],"affiliations":[{"raw_affiliation_string":"Independent Researcher, Union, NJ 07083, USA","institution_ids":["https://openalex.org/I155673605"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":["https://openalex.org/A5125575228"],"corresponding_institution_ids":["https://openalex.org/I155673605"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":{"value":0.33071315,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"5","issue":"1","first_page":"6","last_page":"6"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.6707000136375427,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.6707000136375427,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.09920000284910202,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10639","display_name":"Advanced Software Engineering Methodologies","score":0.050200000405311584,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/verifiable-secret-sharing","display_name":"Verifiable secret sharing","score":0.7515000104904175},{"id":"https://openalex.org/keywords/software-deployment","display_name":"Software deployment","score":0.6585000157356262},{"id":"https://openalex.org/keywords/audit","display_name":"Audit","score":0.5712000131607056},{"id":"https://openalex.org/keywords/pipeline","display_name":"Pipeline (software)","score":0.5404999852180481},{"id":"https://openalex.org/keywords/enforcement","display_name":"Enforcement","score":0.5078999996185303},{"id":"https://openalex.org/keywords/overhead","display_name":"Overhead (engineering)","score":0.4738999903202057},{"id":"https://openalex.org/keywords/compliance","display_name":"Compliance (psychology)","score":0.4323999881744385},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.34049999713897705}],"concepts":[{"id":"https://openalex.org/C85847156","wikidata":"https://www.wikidata.org/wiki/Q59015987","display_name":"Verifiable secret sharing","level":3,"score":0.7515000104904175},{"id":"https://openalex.org/C105339364","wikidata":"https://www.wikidata.org/wiki/Q2297740","display_name":"Software deployment","level":2,"score":0.6585000157356262},{"id":"https://openalex.org/C199521495","wikidata":"https://www.wikidata.org/wiki/Q181487","display_name":"Audit","level":2,"score":0.5712000131607056},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5447999835014343},{"id":"https://openalex.org/C43521106","wikidata":"https://www.wikidata.org/wiki/Q2165493","display_name":"Pipeline (software)","level":2,"score":0.5404999852180481},{"id":"https://openalex.org/C2779777834","wikidata":"https://www.wikidata.org/wiki/Q4202277","display_name":"Enforcement","level":2,"score":0.5078999996185303},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.4812999963760376},{"id":"https://openalex.org/C2779960059","wikidata":"https://www.wikidata.org/wiki/Q7113681","display_name":"Overhead (engineering)","level":2,"score":0.4738999903202057},{"id":"https://openalex.org/C2781460075","wikidata":"https://www.wikidata.org/wiki/Q1399332","display_name":"Compliance (psychology)","level":2,"score":0.4323999881744385},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3864000141620636},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.382999986410141},{"id":"https://openalex.org/C195094911","wikidata":"https://www.wikidata.org/wiki/Q14167904","display_name":"Process management","level":1,"score":0.37779998779296875},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.34049999713897705},{"id":"https://openalex.org/C80958533","wikidata":"https://www.wikidata.org/wiki/Q1047174","display_name":"Audit trail","level":3,"score":0.3086000084877014},{"id":"https://openalex.org/C85345410","wikidata":"https://www.wikidata.org/wiki/Q851587","display_name":"Business process","level":3,"score":0.30809998512268066},{"id":"https://openalex.org/C76844732","wikidata":"https://www.wikidata.org/wiki/Q4072285","display_name":"Conformance testing","level":3,"score":0.30709999799728394},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.298799991607666},{"id":"https://openalex.org/C189950617","wikidata":"https://www.wikidata.org/wiki/Q937228","display_name":"Property (philosophy)","level":2,"score":0.2946999967098236},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.2924000024795532},{"id":"https://openalex.org/C35869016","wikidata":"https://www.wikidata.org/wiki/Q846636","display_name":"Software architecture","level":3,"score":0.2921999990940094},{"id":"https://openalex.org/C12713177","wikidata":"https://www.wikidata.org/wiki/Q1900281","display_name":"Perspective (graphical)","level":2,"score":0.2824000120162964},{"id":"https://openalex.org/C123657996","wikidata":"https://www.wikidata.org/wiki/Q12271","display_name":"Architecture","level":2,"score":0.26750001311302185},{"id":"https://openalex.org/C201995342","wikidata":"https://www.wikidata.org/wiki/Q682496","display_name":"Systems engineering","level":1,"score":0.2669999897480011},{"id":"https://openalex.org/C39389867","wikidata":"https://www.wikidata.org/wiki/Q380767","display_name":"Corporate governance","level":2,"score":0.26190000772476196},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.2517000138759613},{"id":"https://openalex.org/C2780385302","wikidata":"https://www.wikidata.org/wiki/Q367158","display_name":"Protocol (science)","level":3,"score":0.2517000138759613}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.3390/software5010006","is_oa":true,"landing_page_url":"https://doi.org/10.3390/software5010006","pdf_url":"https://www.mdpi.com/2674-113X/5/1/6/pdf?version=1770712088","source":{"id":"https://openalex.org/S4210183365","display_name":"Software","issn_l":"2674-113X","issn":["2674-113X"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Software","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:249b5f45c52a4974825833025663a43a","is_oa":true,"landing_page_url":"https://doaj.org/article/249b5f45c52a4974825833025663a43a","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Software, Vol 5, Iss 1, p 6 (2026)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.3390/software5010006","is_oa":true,"landing_page_url":"https://doi.org/10.3390/software5010006","pdf_url":"https://www.mdpi.com/2674-113X/5/1/6/pdf?version=1770712088","source":{"id":"https://openalex.org/S4210183365","display_name":"Software","issn_l":"2674-113X","issn":["2674-113X"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Software","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W7128495655.pdf","grobid_xml":"https://content.openalex.org/works/W7128495655.grobid-xml"},"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"Modern":[0],"DevSecOps":[1],"environments":[2],"face":[3],"a":[4,55,72,93,103,135,153],"persistent":[5],"tension":[6],"between":[7],"accelerating":[8],"deployment":[9,171],"velocity":[10],"and":[11,18,25,44,84,113,139],"maintaining":[12],"verifiable":[13,86,161],"compliance":[14,27,42,61,70,106,148],"with":[15,134],"regulatory,":[16],"security,":[17],"internal":[19],"governance":[20],"standards.":[21],"Traditional":[22],"snapshot-in-time":[23],"audits":[24],"fragmented":[26],"tooling":[28],"struggle":[29],"to":[30,89,158],"capture":[31],"the":[32,50,90,164],"dynamic":[33],"nature":[34],"of":[35,163],"containerized,":[36],"continuous":[37,114],"delivery,":[38],"often":[39],"resulting":[40],"in":[41],"drift":[43],"delayed":[45],"remediation.":[46],"This":[47],"paper":[48],"introduces":[49],"Continuous":[51],"Compliance":[52,94],"Framework":[53],"(CCF),":[54],"data-centric":[56],"reference":[57],"architecture":[58,118],"that":[59,97,147],"embeds":[60],"validation":[62],"directly":[63],"into":[64,102],"CI/CD":[65],"pipelines.":[66],"The":[67,116],"framework":[68],"treats":[69],"as":[71],"first-class,":[73],"computable":[74],"system":[75],"property":[76,162],"by":[77],"combining":[78],"declarative":[79],"policies-as-code,":[80],"standardized":[81],"evidence":[82,111],"collection,":[83],"cryptographically":[85],"attestations.":[87],"Central":[88],"approach":[91],"is":[92,119],"Data":[95],"Lakehouse":[96],"transforms":[98],"heterogeneous":[99],"pipeline":[100,137],"artifacts":[101],"queryable,":[104],"time-indexed":[105],"data":[107],"product,":[108],"enabling":[109],"audit-ready":[110],"generation":[112],"assurance.":[115],"proposed":[117],"validated":[120],"through":[121],"an":[122,159],"end-to-end":[123],"synthetic":[124],"microservice":[125],"implementation.":[126],"Experimental":[127],"results":[128],"demonstrate":[129],"full":[130],"policy":[131,141],"lifecycle":[132],"enforcement":[133],"minimal":[136],"overhead":[138],"sub-second":[140],"evaluation":[142],"latency.":[143],"These":[144],"findings":[145],"indicate":[146],"can":[149],"be":[150],"shifted":[151],"from":[152],"post":[154],"hoc":[155],"audit":[156],"activity":[157],"intrinsic,":[160],"software":[165],"delivery":[166],"process":[167],"without":[168],"materially":[169],"degrading":[170],"velocity.":[172]},"counts_by_year":[],"updated_date":"2026-03-30T08:08:38.191290","created_date":"2026-02-11T00:00:00"}