The author of this document has limited its availability to on-campus or logged-in CSUSB users only.
Off-campus CSUSB users: To download restricted items, please log in to our proxy server with your MyCoyote username and password.
Date of Award
12-2024
Document Type
Restricted Project: Campus only access
Degree Name
Master of Science in Information Systems and Technology
Department
Information and Decision Sciences
First Reader/Committee Chair
Coulson, Tony.
Abstract
Low-Code Development Platforms (LCDPs) are becoming increasingly popular among organizations looking to speed up application development and broaden access to software creation beyond traditional developers. However, their ease of use raises significant security concerns. This project investigates the security features of three prominent LCDPs; Microsoft PowerApps, Mendix, and Pega to understand how well they align with established security standards. The research question sought to establish the differences in security feature implementation across various LCDPs, and how do these differences impact overall platform security?
To answer the question, a qualitative analysis was conducted by mapping each platform’s security features to controls listed in NIST Special Publication SP 800-53, enabling a structured comparison across key security areas such as data encryption, access control, and auditing. The findings are: (a) While all three platforms meet basic security standards, there are notable differences in flexibility, integration, and customizability. (b) PowerApps integrates strongly with Microsoft’s ecosystem, Mendix offers Hardware Security Module (HSM) support, and Pega Supports multi-cloud key management services.
This research finds that although LCDPs align with industry-standard security controls, their implementations vary, affecting their suitability for different organizational needs. Future research could involve hands-on testing to evaluate platform security in real-world contexts and examine the impact of evolving threats on LCDP security, along with analyzing more platforms such as OutSystems, Zoho Creator, and Appian.
Recommended Citation
Soto Orozco, Eduardo, "AN ANALYSIS ON LOW-CODE DEVELOPMENT PLATFORM SECURITY" (2024). Electronic Theses, Projects, and Dissertations. 2075.
https://scholarworks.lib.csusb.edu/etd/2075