Building a Security OS With Software Defined Infrastructure Conference Paper uri icon


  • 2017 ACM. The recent emergence of Software-Defined Infrastructure (SDI) offers a number of useful tools for managing, monitoring, containing, shepherding, and recovering computing units within an enterprise, cloud, or data center. As SDI utilities grow and the types of resources that can be abstracted into software-managed control and data planes increase, there is a pressing need for datacenter-level operating systems (OSes). Such a datacenter-level OS can further abstract and easily capture higher-level policy goals, and push them down to different types of hardware and software, ranging from application processes to storage and networking. This paper thus proposes S 2 OS, an SDI-defined Security OS, which offers an easy-to-use, programmable security model for monitoring and dynamically securing applications. We anticipate S 2 OS could unlock a wide range of unprecedented security opportunities, including fine-grained and dynamic security programmability at infrastructure scale, and information flow tracking across an entire infrastructure.

name of conference

  • Proceedings of the 8th Asia-Pacific Workshop on Systems

published proceedings

  • Proceedings of the 8th Asia-Pacific Workshop on Systems

author list (cited authors)

  • Gu, G., Hu, H., Keller, E., Lin, Z., & Porter, D. E.

citation count

  • 2

complete list of authors

  • Gu, Guofei||Hu, Hongxin||Keller, Eric||Lin, Zhiqiang||Porter, Donald E

publication date

  • January 2017