Adding Support for Automatic Enforcement of Security Policies in NFV Networks
نویسندگان
چکیده
منابع مشابه
Corrective Enforcement of Security Policies
Monitoring is a powerful security policy enforcement paradigm that allows the execution of a potentially malicious software by observing and transforming it, thus ensuring its compliance with a user-defined security policy. Yet some restrictions must be imposed on the monitor’s ability to transform sequences, so that key elements of the execution’s semantics are preserved. An approximation of t...
متن کاملA Programmable Enforcement Framework for Security Policies
This thesis proposes the MAP-REDUCE framework, a programmable framework, that can be used to construct enforcement mechanisms of different security policies. The framework is based on the idea of secure multiexecution in which multiple copies of the controlled program are executed. In order to construct an enforcement mechanism of a policy, users have to write a MAP program and a REDUCE program...
متن کاملAutomatic Enforcement of Security Properties
Ensuring the security requirements of an application is not a straightforward task. Security properties (e.g., confidentiality, anonymity) need to be satisfied in different ways in different parts of the same application. Software architects are usually required to manually define security components and their dependencies with the base application, customize them to the application’s requireme...
متن کاملTrust-Based Enforcement of Security Policies
Two conflicting high-level goals govern the enforcement of security policies, abridged in the phrase “high security at a low cost”. While these drivers seem irreconcilable, formal modelling languages and automated verification techniques can facilitate the task of finding the right balance. We propose a modelling language and a framework in which security checks can be relaxed or strengthened t...
متن کاملProbabilistic Cost Enforcement of Security Policies
This paper presents a formal framework for run-time enforcement mechanisms, or monitors, based on probabilistic input/output automata [9,10], which allows for the modeling of complex and interactive systems. We associate with each trace of a monitored system (i.e., a monitor interposed between a system and an environment) a probability and a real number that represents the cost that the actions...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: IEEE/ACM Transactions on Networking
سال: 2019
ISSN: 1063-6692,1558-2566
DOI: 10.1109/tnet.2019.2895278