Framework for Interface to Network Security Functions

Dunbar, Linda; Strassner, John; Kumar, Rakesh; Lopez, Edward; López, Diego

doi:10.17487/rfc8329

Cited by 16 publications

(12 citation statements)

References 3 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Despite the promising trends, we must ascertain the substantial heterogeneity in cyber-security tools and their interfaces, which hinders their composition in flexible and agile platforms and leads to non-interoperable vertical silos and a substantial market fragmentation. Indeed, the lack of open and clear specifications for control and management interfaces is already known, despite recent attempts to define a common framework [8].…”

Section: Evolving Cyber-security Marketmentioning

confidence: 99%

“…The Security Controller is the smart entity that automates as much as possible all security workflows. According to on-going initiatives [8], the main role The second, and more challenging, is the derivation of the necessary information from an on-going attack or offline analysis [14,15]. While the former is already addressed by several standardization initiatives (e.g., STIX), the latter…”

Section: Security Controllermentioning

confidence: 99%

“…In practice, it translates high-level behavioral guidelines into concrete actions, rules and configuration settings applied both to the Context Broker, Digital services, and the Orchestration framework. This means that the Secu-rity Controller launches Security Services when required, sets up local security capabilities, collects the relevant context in the proper data format, feeds analytics engines, and dispatches notifications to humans through the Dispatcher function (API #3).The implementation of the Security Controller may vary from bare eventdriven engines to more complex rule management systems, up to the application of Artificial Intelligence to learn and improve strategies from humans' behavior.Accordingly, the specification of policies also changes from Event-Condition-Action (ECA) patterns to more abstract definition of goals, constraints, and even intents, which could be defined by non-technical users[13,8]. The adoption of advanced reasoning models would open the opportunity for dynamically adapting the response to new threat vectors.…”

mentioning

confidence: 99%

“…Internet of Things-as-a-Service (IoTaaS), or just Things-as-a-Service (TaaS), is one of the latest iterations in the 'as-a-service' jungle[6],[7],[8]. However, there is not a shared understanding about this concept in the technology or business jargon, so we do not include it in our analysis.…”

mentioning

confidence: 99%

See 3 more Smart Citations

An architecture to manage security operations for digital service chains

Repetto

Carrega²,

Rapuzzi³

2021

Future Generation Computer Systems

View full text Add to dashboard Cite

Evolving business models are progressively pushing for increasing digitalization of existing and novel processes. The ICT industry is already addressing this need by massive introduction of virtualization paradigms and tight integration with the physical environment, which allow the creation of multi-domain and complex business service chains. Emerging technologies undoubtedly bring more agility in service deployment and operation but also break traditional security models, which have not been conceived for dynamic and multi-tenancy environments. In this paper, we briefly elaborate on existing gaps and research challenges towards advanced assurance and protection of trustworthy and reliable business chains spanning multiple administrative domains and heterogeneous infrastructures. We consolidate our analysis in a reference architecture, which includes all functional elements to effectively tackle the dynamic and agile nature of emerging ICT paradigms.

show abstract

Section: Evolving Cyber-security Marketmentioning

confidence: 99%

Section: Security Controllermentioning

confidence: 99%

mentioning

confidence: 99%

mentioning

confidence: 99%

See 2 more Smart Citations

An architecture to manage security operations for digital service chains

Repetto

Carrega²,

Rapuzzi³

2021

Future Generation Computer Systems

View full text Add to dashboard Cite

show abstract

“…We note the work by the IETF Interface to Network Security Functions (I2NSF) working group [5], which describes a framework and reference model for the integration of network security functions. RFC8329 [40] specifically highlights the importance of authentication, authorisation and auditing (AAA) of application functions and management of overlapping security policy. While TENNISON is currently a singledomain prototype implementation, the framework aligns with the recommendations of I2NSF e.g.…”

Section: ) Northbound Interface (Nbi)mentioning

confidence: 99%

Tennison: A Distributed SDN Framework for Scalable Network Security

Fawcett

Scott-Hayward

Broadbent

et al. 2018

IEEE J. Select. Areas Commun.

View full text Add to dashboard Cite

Despite the relative maturity of the Internet, the computer networks of today are still susceptible to attack. The necessary distributed nature of networks for wide area connectivity has traditionally led to high cost and complexity in designing and implementing secure networks. With the introduction of Software Defined Networks (SDN) and Network Functions Virtualisation (NFV), there are opportunities for efficient network threat detection and protection. SDN's global view provides a means of monitoring and defence across the entire network. However, current SDN-based security systems are limited by a centralised framework that introduces significant control plane overhead, leading to the saturation of vital control links. In this paper, we introduce TENNISON, a novel distributed SDN security framework that combines the efficiency of SDN control and monitoring with the resilience and scalability of a distributed system. TENNISON offers effective and proportionate monitoring and remediation, compatibility with widely-available networking hardware, support for legacy networks, and a modular and extensible distributed design. We demonstrate the effectiveness and capabilities of the TENNISON framework through the use of four attack scenarios. These highlight multiple levels of monitoring, rapid detection and remediation, and provide a unique insight into the impact of multiple controllers on network attack detection at scale.

show abstract

A Reference Architecture for Management of Security Operations in Digital Service Chains

Carrega¹,

Grieco

Striccoli

et al. 2022

Cybersecurity of Digital Service Chains

View full text Add to dashboard Cite

Modern computing paradigms (i.e., cloud, edge, Internet of Things) and ubiquitous connectivity have brought the notion of pervasive computing to an unforeseeable level, which boosts service-oriented architectures and microservices patterns to create digital services with data-centric models. However, the resulting agility in service creation and management has not been followed by a similar evolution in cybersecurity patterns, which still largely rest on more conventional device- and infrastructure-centric models.In this Chapter, we describe the implementation of the GUARD Platform, which represents the core element of a modern cybersecurity framework for building detection and analytics services for complex digital service chains. We briefly review the logical components and how they address scientific and technological challenges behind the limitations of existing cybersecurity tools. We also provide validation and performance analysis that show the feasibility and efficiency of our implementation.

show abstract

Framework for Interface to Network Security Functions

Cited by 16 publications

References 3 publications

An architecture to manage security operations for digital service chains

An architecture to manage security operations for digital service chains

Tennison: A Distributed SDN Framework for Scalable Network Security

A Reference Architecture for Management of Security Operations in Digital Service Chains

Contact Info

Product

Resources

About