Guest editorial: Special issue on novel cyber-security paradigms for software-defined and virtualized systems. Valenza, F., Repetto, M., & Shiaeles, S. Comput. Networks, 193:108126, 2021.
The massive shift to "virtualization" paradigms has largely transformed traditional computing models by progressively eroding the typical strong link between applications and devices, hence requiring a rethinking and reshaping of the structure and composition of services and infrastructures. On the one hand, the continuous disaggregation of software from hardware facilitates the migration of applications and services to different infrastructures. On the other hand, the growing "softwarization" trend allows the creation and disposal of even complex execution environments in a matter of minutes or seconds instead of days or weeks; this includes the provisioning of (virtual) computing and networking resources, the retrieval of software images, the processing of large data sets and the connection to an ever-growing Internet of Things. The ongoing evolution has also fostered a ground-breaking transition in design and development patterns, from monolithic applications and closed silos to open and interconnected service meshes, which leverage cloud models, common interfaces, and orchestration paradigms. Practical examples of such architectures in the networking domain are Network Functions Virtualization (NFV) and Software Defined Networking (SDN), which have not only brought more flexibility in network management, but have also opened new perspectives and opportunities in the realization of large, distributed, and pervasive cyber-physical systems. However, this has also led to an increase in the networks' size and complexity, not to mention the dependency of security on external software, services, data and infrastructures. The management of network devices has become more difficult than in the past, and the number of vulnerabilities that could be exploited in a cyberattack is nowadays larger as well. Unfortunately, cyber-security paradigms have not evolved at the same pace.
As a matter of fact, the "security perimeter" model is still the predominant paradigm, but it cannot effectively address the many issues related to multi-tenancy, increased complexity, and automated lifecycle management. Although cloud management and orchestration software is already mature for the market, many enterprises are reluctant to adopt such technologies due to security concerns, which still imply more traditional (and longer) processes. For instance, network services can today be designed as the composition of Virtual Network Functions (VNFs), including resource constraints, and then automatically deployed over self-provisioning virtualized infrastructures. VNFs can be turned on and set up rapidly compared with what a hardware device used to require in the past. However, there are no comparably fast security processes for checking software images, hardening an ever-evolving topology, or giving visibility over functions running in external infrastructures. A new breed of cyber-security paradigms and models is therefore necessary to address the increased complexity and size of modern systems, not to mention the rapid escalation of advanced persistent threats and multi-vector attacks. Beyond more advanced techniques based on Machine Learning and other forms of Artificial Intelligence that could effectively cope with the ever-evolving threat landscape and attack patterns, it is also important to address the growing dynamicity of modern computing paradigms, self-provisioning models, service-oriented architectures, shared resources and software-defined infrastructures. This special issue of Elsevier Computer Networks fostered new research work that took into consideration security challenges brought by the usage of public cloud, heterogeneous infrastructures and providers, and dynamic software deployment and orchestration mechanisms.
The scope is not limited to a single topic, but covers several aspects that fall under the aforementioned evolutionary perspective. To this end, after the two successful SecSoft workshops that deal with these fields, we selected the best papers from these editions and invited the authors to submit an extended paper for peer review and potential publication in this special issue.
