{"title":"A data model for federated network and security management information exchange in inter-organizational IT service infrastructures","authors":"M. Steinke, Wolfgang Hommel","doi":"10.1109/NOMS.2018.8406162","DOIUrl":null,"url":null,"abstract":"Operating large-scale IT infrastructures and IT services necessitates the management of the involved devices (e. g., network components and servers) and applications. Recent advances and trends in technology, such as software-defined networking, network function virtualization, and distributed data centers render many established organization-wide management processes and tools almost useless: We argue that they must be significantly re-designed to profoundly address the specifics of the new technologies and operational procedures. In this paper, we present a common data model and inter-domain information exchange procedures for integrated network and security management; it is designed for dynamically instantiated IT services in federated, i. e., inter-organizational scenarios. First, we extend STIX and TAXII to generically support network and security event exchange; then we propose a complementary lightweight data model in favor of efficient data processing and correlation. We discuss our data model's application to four layers of abstraction - from single assets to federated services - along with their management activities and the information required to support them with management tools. An evaluation discusses the feasibility of our concept.","PeriodicalId":19331,"journal":{"name":"NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium","volume":"19 1","pages":"1-2"},"PeriodicalIF":0.0000,"publicationDate":"2018-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/NOMS.2018.8406162","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 4
Abstract
Operating large-scale IT infrastructures and IT services necessitates the management of the involved devices (e. g., network components and servers) and applications. Recent advances and trends in technology, such as software-defined networking, network function virtualization, and distributed data centers render many established organization-wide management processes and tools almost useless: We argue that they must be significantly re-designed to profoundly address the specifics of the new technologies and operational procedures. In this paper, we present a common data model and inter-domain information exchange procedures for integrated network and security management; it is designed for dynamically instantiated IT services in federated, i. e., inter-organizational scenarios. First, we extend STIX and TAXII to generically support network and security event exchange; then we propose a complementary lightweight data model in favor of efficient data processing and correlation. We discuss our data model's application to four layers of abstraction - from single assets to federated services - along with their management activities and the information required to support them with management tools. An evaluation discusses the feasibility of our concept.