A data model for federated network and security management information exchange in inter-organizational IT service infrastructures

M. Steinke, Wolfgang Hommel
NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium, published 2018-04-23
DOI: 10.1109/NOMS.2018.8406162 (https://doi.org/10.1109/NOMS.2018.8406162)
Citations: 4

Abstract

Operating large-scale IT infrastructures and IT services necessitates the management of the involved devices (e.g., network components and servers) and applications. Recent advances and trends in technology, such as software-defined networking, network function virtualization, and distributed data centers render many established organization-wide management processes and tools almost useless: We argue that they must be significantly re-designed to profoundly address the specifics of the new technologies and operational procedures. In this paper, we present a common data model and inter-domain information exchange procedures for integrated network and security management; it is designed for dynamically instantiated IT services in federated, i.e., inter-organizational scenarios. First, we extend STIX and TAXII to generically support network and security event exchange; then we propose a complementary lightweight data model in favor of efficient data processing and correlation. We discuss our data model's application to four layers of abstraction - from single assets to federated services - along with their management activities and the information required to support them with management tools. An evaluation discusses the feasibility of our concept.