Building a Security OS With Software Defined Infrastructure
- Additional Document Info
- View All
2017 ACM. The recent emergence of Software-Defined Infrastructure (SDI) offers a number of useful tools for managing, monitoring, containing, shepherding, and recovering computing units within an enterprise, cloud, or data center. As SDI utilities grow and the types of resources that can be abstracted into software-managed control and data planes increase, there is a pressing need for datacenter-level operating systems (OSes). Such a datacenter-level OS can further abstract and easily capture higher-level policy goals, and push them down to different types of hardware and software, ranging from application processes to storage and networking. This paper thus proposes S 2 OS, an SDI-defined Security OS, which offers an easy-to-use, programmable security model for monitoring and dynamically securing applications. We anticipate S 2 OS could unlock a wide range of unprecedented security opportunities, including fine-grained and dynamic security programmability at infrastructure scale, and information flow tracking across an entire infrastructure.
name of conference
APSys '17: 8th Asia-Pacific Workshop on Systems
Proceedings of the 8th Asia-Pacific Workshop on Systems
author list (cited authors)
Gu, G., Hu, H., Keller, E., Lin, Z., & Porter, D. E.
complete list of authors
Gu, Guofei||Hu, Hongxin||Keller, Eric||Lin, Zhiqiang||Porter, Donald E