Mediated overlay services (MOSES): Network security as a composable service
作者: Stelios Sidiroglou , Angelos Stavrou , Angelos D. Keromytis
DOI: 10.1109/SARNOF.2007.4567338
关键词: Computer science 、 Managed security service 、 Computer security 、 Network security 、 Core business 、 Vendor 、 Information technology management 、 Access control 、 Total cost of ownership 、 Web service
摘要: In recent years, organizations have been shifting focus to their core business competencies, and reducing total cost of ownership (TCO) associated with training management IT infrastructure. the same motif, are establishing security survivability frameworks as an integral part strategy so provide acceptable quality-of-service for clients employees. However, current paradigm outsourced managed service providers (MSSPs) is often difficult transition to, offers little control organization, does not allow ldquobest breedrdquo composition, risks vendor lock-in due complexity migrating a different MSSP. We present MOSES (Mediated Overlay Services), architecture composing network services such anti-spam, antivirus, automated vulnerability detection mitigation, filtering. roughly modeled on web framework. addition ease-of-deployment, allows economies scale reduction ownership. this paper, we discuss our motivation high-level view architecture. highlight advantages, illuminate potential drawbacks, broad research agenda toward realizing vision.
columbia.edu
sci-hub.se 参考文章(18)
Henry M. Levy, Harsha V. Madhyastha, Krishna P. Gummadi, Steven D. Gribble, David Wetherall, Improving the reliability of internet paths with one-hop source routing operating systems design and implementation. pp. 13- 13 ,(2004)
Angelos D. Keromytis, Daniel Stuart Rubenstein, Vishal Misra, Jason Nieh, Angelos Stavrou, MOVE: An End-to-End Solution To Network Denial of Service network and distributed system security symposium. pp. 81- 96 ,(2005) , 10.7916/D8ZW1W9V
Angelos Stavrou, John Ioannidis, Angelos D. Keromytis, Vishal Misra, Dan Rubenstein, A Pay-per-Use DoS Protection Mechanism For the Web applied cryptography and network security. pp. 120- 134 ,(2004) , 10.1007/978-3-540-24852-1_9
Luis von Ahn, Manuel Blum, Nicholas J. Hopper, John Langford, CAPTCHA: using hard AI problems for security theory and application of cryptographic techniques. pp. 294- 311 ,(2003) , 10.1007/3-540-39200-9_18
Frank Apap, Andrew Honig, Shlomo Hershkop, Eleazar Eskin, Sal Stolfo, None, Detecting malicious software by monitoring anomalous windows registry accesses recent advances in intrusion detection. pp. 36- 53 ,(2002) , 10.1007/3-540-36084-0_3
Stelios Sidiroglou, John Ioannidis, Angelos D. Keromytis, Salvatore J. Stolfo, An Email Worm Vaccine Architecture Information Security Practice and Experience. pp. 97- 108 ,(2005) , 10.1007/978-3-540-31979-5_9
Kostas G. Anagnostakis, Sotiris Ioannidis, Miltchev Stefan, Jonathan M. Smith, Practical Network Applications on a Lightweight Active Management Environment Lecture Notes in Computer Science. pp. 101- 115 ,(2001) , 10.1007/3-540-45451-9_7
William G. Morein, Angelos Stavrou, Debra L. Cook, Angelos D. Keromytis, Vishal Misra, Dan Rubenstein, Using graphic turing tests to counter automated DDoS attacks against web servers computer and communications security. pp. 8- 19 ,(2003) , 10.1145/948109.948114
Hari Balakrishnan, David G. Andersen, Rohit N. Rao, M. Frans Kaashoek, Improving web availability for clients with MONET networked systems design and implementation. pp. 115- 128 ,(2005) , 10.5555/1251203.1251212
G. Mori, J. Malik, Recognizing objects in adversarial clutter: breaking a visual CAPTCHA computer vision and pattern recognition. ,vol. 1, pp. 134- 141 ,(2003) , 10.1109/CVPR.2003.1211347