软件定义的基础设施:用更有能力的工具集重新思考网络安全

David E. Ott
{"title":"软件定义的基础设施:用更有能力的工具集重新思考网络安全","authors":"David E. Ott","doi":"10.1145/3273982.3273995","DOIUrl":null,"url":null,"abstract":"In Software Defined Infrastructure (SDI), virtualization techniques are used to decouple applications and higher-level services from their underlying physical compute, storage, and network resources. The approach offers a set of powerful new capabilities (isolation, encapsulation, portability, interposition), including the formation of a software-based, infrastructure-wide control plane for orchestrated management. In this position paper, we identify opportunities for revisiting ongoing cybersecurity challenges using SDI as a powerful new toolset. Benefits of this approach can be broadly utilized in public, private, and hybrid clouds, data centers, enterprise computing, IoT deployments, and more. The discussion motivates the research challenge underlying VMware's partnership with the National Science Foundation to fund novel and foundational research in this area. Known as the NSF/VMware Partnership on Software Defined Infrastructure as a Foundation for Clean-Slate Computing Security (SDI-CSCS), the jointly funded university research program is set to begin in the fall of 2017.","PeriodicalId":7046,"journal":{"name":"ACM SIGOPS Oper. Syst. Rev.","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2018-08-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Software Defined Infrastructure: Rethinking Cybersecurity with a More Capable Toolset\",\"authors\":\"David E. Ott\",\"doi\":\"10.1145/3273982.3273995\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In Software Defined Infrastructure (SDI), virtualization techniques are used to decouple applications and higher-level services from their underlying physical compute, storage, and network resources. The approach offers a set of powerful new capabilities (isolation, encapsulation, portability, interposition), including the formation of a software-based, infrastructure-wide control plane for orchestrated management. In this position paper, we identify opportunities for revisiting ongoing cybersecurity challenges using SDI as a powerful new toolset. Benefits of this approach can be broadly utilized in public, private, and hybrid clouds, data centers, enterprise computing, IoT deployments, and more. The discussion motivates the research challenge underlying VMware's partnership with the National Science Foundation to fund novel and foundational research in this area. Known as the NSF/VMware Partnership on Software Defined Infrastructure as a Foundation for Clean-Slate Computing Security (SDI-CSCS), the jointly funded university research program is set to begin in the fall of 2017.\",\"PeriodicalId\":7046,\"journal\":{\"name\":\"ACM SIGOPS Oper. Syst. Rev.\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-08-28\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"ACM SIGOPS Oper. Syst. Rev.\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3273982.3273995\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACM SIGOPS Oper. Syst. Rev.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3273982.3273995","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0

摘要

在软件定义的基础设施(SDI)中,虚拟化技术用于将应用程序和高级服务与其底层物理计算、存储和网络资源解耦。该方法提供了一组强大的新功能(隔离、封装、可移植性、插入),包括形成一个基于软件的、用于编排管理的基础设施范围的控制平面。在这份立场文件中,我们确定了使用SDI作为强大的新工具集来重新审视当前网络安全挑战的机会。这种方法的好处可以广泛应用于公共、私有和混合云、数据中心、企业计算、物联网部署等领域。这一讨论激发了VMware与美国国家科学基金会(National Science Foundation)合作的研究挑战,以资助该领域的新颖和基础研究。这项由NSF和VMware共同资助的大学研究项目名为“软件定义基础设施作为全新计算安全基础”(SDI-CSCS),将于2017年秋季启动。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
Software Defined Infrastructure: Rethinking Cybersecurity with a More Capable Toolset
In Software Defined Infrastructure (SDI), virtualization techniques are used to decouple applications and higher-level services from their underlying physical compute, storage, and network resources. The approach offers a set of powerful new capabilities (isolation, encapsulation, portability, interposition), including the formation of a software-based, infrastructure-wide control plane for orchestrated management. In this position paper, we identify opportunities for revisiting ongoing cybersecurity challenges using SDI as a powerful new toolset. Benefits of this approach can be broadly utilized in public, private, and hybrid clouds, data centers, enterprise computing, IoT deployments, and more. The discussion motivates the research challenge underlying VMware's partnership with the National Science Foundation to fund novel and foundational research in this area. Known as the NSF/VMware Partnership on Software Defined Infrastructure as a Foundation for Clean-Slate Computing Security (SDI-CSCS), the jointly funded university research program is set to begin in the fall of 2017.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信