Towards a Declarative Language and System for Secure Networking
نویسندگان
چکیده
In this paper, we present a declarative language and system for describing and implementing secure networks. Our proposed language, SeNDlog, is an attempt at unifying Binder, a logic-based language for access control in distributed systems, and Network Datalog (NDlog), a database query language for declarative networks. The contributions of this paper are as follows. First, we highlight the similarities and differences between Binder and NDlog with regards to their notion of location, trust model, and evaluation strategies. Second, we motivate and propose the SeNDlog language that combines features from Binder and NDlog. Third, we demonstrate the use of SeNDlog for specifying secure networks and present directions for future work.
منابع مشابه
Unified Declarative Platform for Secure Networked Information Systems
We present a unified declarative platform for specifying, implementing, and analyzing secure networked information systems. Our work builds upon techniques from logic-based trust management systems, declarative networking, and data analysis via provenance. We make the following contributions. First, we propose the secure network datalog (SeNDlog) language that unifies Binder, a logic-based lang...
متن کاملThe Design and Implementation of Declarative Networks
The Design and Implementation of Declarative Networks by Boon Thau Loo Doctor of Philosophy in Computer Science University of California, Berkeley Professor Joseph M. Hellerstein, Chair In this dissertation, we present the design and implementation of declarative networks. Declarative networking proposes the use of a declarative query language for specifying and implementing network protocols, ...
متن کاملTowards A Secure and Verifiable Future Internet
In recent years, there have been strong interests in the networking community in designing new Internet architectures. One of the driving forces behind these “clean-slate” designs is the need to address pressing security concerns of the Internet. As a consequence, recent architectures, such as SCION [8] and ICING [5], provide radically new architectures that claim to provide stronger security g...
متن کاملUnified Platform for Secure Networked Information Systems
In this paper, we present a unified declarative platform for specifying, implementing, analyzing and auditing large-scale secure information systems. Our proposed system builds upon techniques from logic-based trust management systems, declarative networking, and data analysis via provenance. First, we propose the Secure Network Datalog (SeNDlog) language that unifies Binder, a logic-based lang...
متن کاملTowards a Secure and Verifiable Future Internet (Full Presentation)
In recent years, there have been strong interests in the networking community in designing new Internet architectures. One of the driving forces behind these “clean-slate” designs is the need to address pressing security concerns of the Internet. As a consequence, recent architectures, such as SCION [8] and ICING [5], provide radically new architectures that claim to provide stronger security g...
متن کامل