1. CSN
  2. All Volumes and Issues
  3. Volume 7, Number 1, 2025
  4. Exploring the Effectiveness of Using Centralized Configuration Storage to Securely Manage Cloud Services Infrastructure

Exploring the Effectiveness of Using Centralized Configuration Storage to Securely Manage Cloud Services Infrastructure

CSN.
2025;
Volume 7, Number 1
: pp. 218 - 234
https://doi.org/10.23939/csn2025.01.218
Authors:
  1. Y. V. Matseniuk
1
Lviv Polytechnic National University, Department of Information Protection

In the current context of widespread adoption of cloud technologies such as AWS, GCP, and Azure, organizations face challenges in centralized management of cloud resources, including ensuring security standards, monitoring service metrics, optimizing costs, and managing configurations. The main issue lies in the differences in the architecture of services provided by various cloud vendors, which complicates the integration and standardization of processes in multi-cloud environments.
This article focuses on analyzing the issues of centralized configuration management using the Configuration Management Database (CMDB) as a single source of truth. The study examines methods of organizing and managing CMDB in public cloud environments, with an emphasis on access management, organizational structures, subscriptions, and cloud resource inventory. Particular attention is paid to developing recommendations for optimizing management processes to improve overall efficiency and security.
The practical part of the study involves the integration of the Cherwell system as a CMDB with automated data collection through the Prisma API. This integration allows for the automation of resource inventory, reducing the risk of human errors, improving data accuracy, and ensuring compliance with security standards. Additionally, by centralizing data and analyzing it in Power BI, the study demonstrated the effectiveness of the approach in the context of a multi-cloud environment.
The purpose of this study is to develop a scientifically grounded approach to centralized configuration management of cloud infrastructure based on the use of a single data repository for configurations (CMDB). The study includes a detailed analysis of the challenges of cloud configuration management, the features of major cloud providers’ services, and their integration into a unified informational model. The primary focus is on developing recommendations for building an efficient configuration management system that considers multi-cloud environments, security requirements, and operational processes.
The practical aspect of the study is based on the integration of the Cherwell system as a CMDB with Prisma API to automate data collection in a multi-cloud environment. This integration demonstrated significant advantages, including improved data accuracy, reduced manual work, enhanced information security, and optimized management processes.
Thus, the aim of the study is not only to provide a theoretical justification of centralized management methods for cloud resources but also to develop practical recommendations to improve the efficiency and security of configuration management in multi-cloud environments.

Public cloud environments
configuration management
automation
integration
  1. Ellison M., Calinescu R., Paige R. Evaluating cloud database migration options using workload models. Journal of Cloud Computing. 2018. 7. 1–18. Doi: https://doi.org/10.1186/s13677-018-0108-5.
  2. Brenner M., Gillmeister M. Designing CMDB data models with good utility and limited complexity. 2014 IEEE Network Operations and Management Symposium (NOMS), 2014. 1–15. Doi: https://doi.org/ 10.1109/NOMS.2014.6838375.
  3. Herrick D. CMDB Assessment and Remediation. Proceedings of the 2023 ACM SIGUCCS Annual Conference. 2023. Doi: https://doi.org/10.1145/3539811.3579551.
  4. Keller A., Subramanian S. Best practices for deploying a CMDB in large-scale environments. 2009 IFIP/IEEE International Symposium on Integrated Network Management. 2009. 732–745. Doi: https://doi.org/10.1109/INM.2009.5188880.
  5. Yaici M. P2P-based Solution for the Cloud Availability: The paper is about using a peer-to-peer configuration of the cloud users in order to respond quickly to a particular user request in case of the unavailability of the cloud. Proceedings of the 2022 6th International Conference on Cloud and Big Data Computing. 2022. Doi: https://doi.org/10.1145/3555962.3555963.
  6. Yen-Jen C., Chen W. Implementation of a High Available Database on Virtualizing Cloud Platform. 2023 5th International Conference on Computer Communication and the Internet (ICCCI), 2023. 229–235. Doi: https://doi.org/10.1109/ICCCI59363.2023.10210178.
  7. Tasiran A. J., Barbosa S., Barthe M. et al. A Machine-Checked Proof of Security for AWS Key Management Service. 2019. 63-78. Doi: https://doi.org/10.1145/3319535.3354228.
  8. Banakh R., Piskozub A., Stefinko Y. External elements of honeypot for wireless network. 2016 13th International Conference on Modern Problems of Radio Engineering, Telecommunications and Computer Science (TCSET). Lviv, Ukraine, 2016. Pp. 480-482. Doi: https://doi.org/10.1109/TCSET.2016.7452093.
  9. Martseniuk Y., Partyka A., Harasymchuk O., Nyemkova E., Karpinski M. Shadow IT risk analysis in public cloud infrastructure. CEUR Workshop Proceedings. 2024. Pp. 22-31. 3800.
  10. Muppa Kaushik Reddy. Advancing Cloud Security with AI-Enhanced AWS Identity and Access Management.    International    research    journal    of    engineering    &    applied    sciences.    2022.    25-28.    Doi:    https://doi.org/10.55083/irjeas.2022.v10i01005.
  11. Vakhula O., Opirskyy I., Mykhaylova O. Research on Security Challenges in Cloud Environments and Solutions based on the “security-as-Code” Approach CEUR Workshop Proceedings. 2023. 3550. Pp. 55–69.
  12. Horpenyuk A., Opirskyy I., Vorobets P. Analysis of problems and prospects of implementation of post- quantum cryptographic algorithms. CEUR Workshop Proceedings. 2023. Vol. 3504 : Workshop on classic, quantum, and post-quantum cryptography, CQPC’2023. Pp. 39–49.
  13. Martseniuk Y., Partyka A., Harasymchuk O., Shevchenko S. Universal centralized secret data management for automated public cloud provisioning CEUR Workshop Proceedings. 2024. 3826. Pp. 72-81.
  14. Raj Pritish. Continuous Integration for New Service Deployment and Service Validation Script for Vault. Interantional   journal   of   scientific   research   in   engineering   and   management.   2024.   08.   1-5.    Doi:    https://doi.org/10.55041/IJSREM35565.
  15. Drogseth Dennis, Sturm Rick, Twing Dan. CMDB System Deployment Stages. 2015. Doi: https://doi.org/10.1016/B978-0-12-801265-9.00004-4.
  16. Wang Jiangning, Yang Lilong, Zheng Wei, Zhang Jun. Study on Comparative Performance of CL-20/RDX- based CMDB Propellants. Propellants, Explosives, Pyrotechnics. 2019. 44. Doi: https://doi.org/10.1002/prep.201900029.
  17. Sun Shixiong, Zhao Benbo, Zhang Guangpu, Yunjun Luo. Applying Mechanically Activated Al/PTFE in CMDB Propellant. Propellants, Explosives, Pyrotechnics. 2018. 43. Doi: https://doi.org/10.1002/prep.201800143.
  18. Keller A., Subramanian S. Best Practices for Deploying a CMDB in large-scale Environments. 2009. 732-745. Doi: https://doi.org/10.1109/INM.2009.5188880.
  19. Enunnl Sravani. Ai and CMDB: pioneering a new era in it management author. 2024.
  20. Enunnl Sravani. Leveraging Artificial Intelligence for Configuration Management Database (CMDB) Optimization: A Comprehensive Analysis. 2024.
  21. Niewiadomski Szymon, Mzyk Grzegorz. ML Support for Conformity Checks in CMDB-Like Databases. 2023. Doi: https://doi.org/10.1007/978-3-031-42508-0_33 .
  22. Maes Stephane. CMDB best practices: how to successfully implement CMDB in your organization. IFS Blog. 2023.
  23. Enunnl SravaniHarnessing the Synergy: Exploring the Benefits of Artificial Intelligence and Configuration Management Database (CMDB). 2024.
  24. Martseniuk Y., Partyka A., Harasymchuk O., Korshun N. Automated Conformity Verification Concept for Cloud Security. CEUR Workshop Proceedings. 2024. 3654. Pp. 25-37.
  25. Yin Jianping, Li Meng, Du Wenxuan, He Xuanfu, Song Jun, Hu Bowen, Huang Meng, Li Yang, Miao Yinggang. Mechanical behaviors and failure mechanisms of CMDB propellant under wide strain rate tension loading. Journal of Physics: Conference Series. 2023. 2535. 012010. Doi: https://doi.org/10.1088/17426596/2535/1/012010.
  26. Wei Huanan, Li Tianpeng, Yao Kai, Xuan Zhaolong. ReaxFF molecular dynamics simulations on thermal decomposition of RDX-based CMDB propellants. Journal of Molecular Modeling. 2022. 28. 388. Doi: https://doi.org/10.1007/s00894-022-05377-4.
  27. Zheng Jian, Wang W.-Q, Cheng X.. Xu J.-S, Zhou Cunshan. Effects of loading rate and microstructure on dynamic  fracture  toughness  of  CMDB  propellant.  Journal  of  Propulsion  Technology.  2015.  36.  940-946.  Doi:    https://doi.org/10.13675/j.cnki.tjjs.2015.06.019.
  28. Wang Tao, Duan Jingjing, Zhai Jiaqi, Zhao Jing, Gao Yulong, Gao Feng, Zhang Longlong, Zhao Yifei. Research on a cloud model intelligent computing platform for water resource management. Journal of Hydroinformatics. 2024. 26. Doi: https://doi.org/10.2166/hydro.2024.223.
  29. Narayanan Pavan. Engineering Data Pipelines Using Google Cloud Platform, 2024. Doi: https://doi.org/10.1007/979-8-8688-0602-5_16.
  30. Gulati Samridhi, Tyagi Ayushi, Goel Pawan. Security Automation and Orchestration in the Cloud, 2024. Doi:    https://doi.org/10.4018/979-8-3693-3249-8.ch002
  31. Nayyar Kshitiz. Best practices for seamless integration of Robotic Process Automation (RPA) and cloud technologies.    International    Journal    of    Science    and    Research    Archive.    2024.    13.    3337-3345.    Doi:    https://doi.org/10.30574/ijsra.2024.13.2.2560.
  32. Bolu Toluwani, Ade Martins. Leveraging AI and Automation in Cloud Security for Vulnerability Management, 2024.
  33. Bishukarma Ramesh. Optimising Cloud Security in Multi-Cloud Environments: A Study of Best Practices. Technix International Journal for Engineering Research. 2024. 11. a590-a598.
  34. Sreerangapuri Ashok. Blockchain-Enabled AI Governance for Scalable Cloud Security Automation. International  journal  of  computer  engineering  & technology.  2024.  15.  947-959.  Doi:  https://doi.org/  10.5281/ zenodo.13962366.
  35. Thokala Vasudhar Sai. Scalable Cloud Deployment and Automation for E-Commerce Platforms Using AWS, Heroku, and Ruby on Rails. International Journal of Advanced Research in Science, Communication and Technology. 2023. 349-362. Doi: https://doi.org/10.48175/IJARSCT-13555A.
  36. Suram Kiran. Innovations in Infrastructure Automation: Advancing IAM in Cloud Security. International Journal of Scientific Research in Computer Science, Engineering and Information Technology. 2025. 11. 255-263. Doi: https://doi.org/10.32628/CSEIT25111223.