Community-Building Workshop on Programmable System Security in a Software-Defined World

软件定义世界中的可编程系统安全社区建设研讨会

• 批准号: 1841099
• 负责人: Guofei Gu
• 金额: $ 0.15万
• 依托单位: Texas A&M Engineering Experiment Station
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2018
• 资助国家: 美国
• 起止时间: 2018-08-01 至 2020-07-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1841099&HistoricalAwards=false
• 关键词: Community; Building; Workshop; Programmable; System

This workshop brings together networking, systems, and security researchers to discuss and establish a vision for programmable security in modern software-defined infrastructures (e.g., cloud, Internet-of-Things, or edge computing environments). The output of the workshop will be a public report documenting the discussions and a set of recommendations on research directions and frontiers. The workshop and the report will stimulate research collaboration and the creation of a common research vision between disparate communities.We increasingly live in a software-defined world where systems that were once implemented as rigid control systems or fixed-function hardware systems are now highly programmable through software interfaces that decouple underlying hardware details and offer remote control and centralized management. Early examples of software-defined systems (SD-X) include multi-tenant clouds, software-defined networking (SDN), network functions virtualization (NFV), software-defined infrastructure (SDI), and software-defined radios (SDR). While SD-X technologies have rapidly proliferated within industry and received considerable systems research attention, the paradigm has not been fully exploited in approaching a wide array of important security challenges. The objective of this workshop is to identify those research challenges and opportunities to exploit SD-X approaches in making system security more programmable, agile, orchestrated, and intelligent. This workshop creates a much-needed opportunity for a cross-cutting group of researchers to fill out the vision of what programmable security based on SD-X could be, including research challenges, long-term visions, and key issues. In the process, this workshop will promote a more focused community and vision where traditionally disparate communities previously worked in isolation and without a more ambitious system security vision within the context of complex software-defined infrastructures. The workshop report will be made available to the public via the workshop website. Broad directions to be considered by the workshop attendees include, but are not limited to: (1) new abstractions for data/control planes aimed specifically at security, (2) new architectures that integrate diverse SD-X domains (networking, processing, storage, etc.) for a more powerful and comprehensive security framework, (3) new programming and language paradigms for programmable security, (4) a better understanding of attack surfaces and adversarial methods within modern software-defined infrastructures, (5) new formal and experimental methodologies for reasoning about software-defined security, (6) the integration of emerging Artificial Intelligence/Machine Learning and data-driven capabilities into programmable system security, (7) new applications paradigms that exploit programmable paradigms in innovative ways, and (8) the application of programmable security approaches to emerging platforms and infrastructure domains. Overall, workshop participants will help to build community and define the vision of a new generation of security technologies in the rapidly expanding world of software-defined infrastructures and devices.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

该研讨会汇集了网络，系统和安全研究人员，以讨论和建立现代软件定义的基础架构（例如，云，图像互联网或边缘计算环境）中可编程安全性的愿景。研讨会的输出将是一份公开报告，记录了在研究方向和边界上的讨论和一系列建议。研讨会和报告将刺激研究合作以及在不同社区之间建立共同的研究愿景。我们越来越居住在软件定义的世界中，这些世界曾经被用作刚性控制系统或固定功能硬件的硬件系统实现，现在可以通过将基本硬件详细信息和远程控制和集中控制和集中管理和集中管理和集中管理和提供远程控制和集中控制的软件接口进行高度编程。软件定义系统（SD-X）的早期示例包括多租户云，软件定义的网络（SDN），网络功能虚拟化（NFV），软件定义的基础结构（SDI）和软件定义的收音机（SDR）。尽管SD-X技术在行业内迅速增殖并受到了大量系统研究的关注，但在应对广泛的重要安全挑战方面，范式并未得到充分利用。该研讨会的目的是确定这些研究挑战和机会，以利用SD-X方法，以使系统安全更加可编程，敏捷，精心策划和聪明。 该研讨会为一组跨切端的研究人员提供了急需的机会，以填补基于SD-X的可编程安全性的愿景，包括研究挑战，长期愿景和关键问题。在此过程中，该研讨会将促进一个更加专注的社区和愿景，传统上以不同的社区为孤立地工作，并且在复杂的软件定义基础架构的背景下没有更雄心勃勃的系统安全愿景。 研讨会报告将通过研讨会网站向公众提供。研讨会参与者要考虑的广泛方向包括但不限于：（1）针对安全性的数据/控制平面的新抽象，（（2）将各种SD-X域（网络，处理，存储等）整合的新体系结构，以实现更强大，更全面的安全框架，（3）对程序的范围和语言范式的范围，（3）在程序上的范围和语言范式的范围更好，（3）一个更好地理解程序的方法（4）A A A ADEF（4）A A A A INFOM（4）A A A A INFORMABLE（4）A A A A INFOM（4）A A A A I I I I I I I I I I I I SHEF（4）软件定义的基础架构，（5）有关软件定义安全性推理的新的正式和实验方法，（6）将新兴的人工智能/机器学习和数据驱动的功能集成到可编程系统安全性中，（7）在设备在创新的应用程序和（8）程序的应用程序中，将可编程的范式用于程序和（8）的应用程序，以及（8）范围内的应用程序。总体而言，研讨会的参与者将有助于建立社区，并在迅速扩展的软件定义基础设施和设备的世界中定义新一代安全技术的愿景。该奖项反映了NSF的法定任务，并被认为是值得通过基金会的知识分子优点和更广泛的影响审查标准来通过评估来通过评估来支持的。