2007 Articles
Mediated Overlay Services (MOSES): Network Security as a Composable Service
In recent years, organizations have been shifting focus to their core business competencies, and reducing total cost of ownership (TCO) associated with training and management of their IT infrastructure. In the same motif, organizations are establishing security and survivability frameworks as an integral part of their business strategy so as to provide an acceptable quality-of-service for their clients and employees. However, the current paradigm of outsourced managed security service providers (MSSPs) is often difficult to transition to, offers little control to the organization, does not allow "best of breed" composition, and risks vendor lock-in due to the complexity of migrating to a different MSSP. We present MOSES (Mediated Overlay Services), an architecture for composing network security services such as anti-spam, antivirus, automated vulnerability detection and mitigation, and filtering. MOSES is roughly modeled on the web services framework. In addition to ease-of-deployment, MOSES allows for economies of scale and a reduction to the total cost of ownership. In this paper, we discuss our motivation and high-level view of such an architecture. We highlight the advantages, illuminate potential drawbacks, and discuss a broad research agenda toward realizing this vision.
Subjects
Files
- 04567338.pdf application/pdf 404 KB Download File
Also Published In
- Title
- 2007 IEEE Sarnoff Symposium, Nassau Inn in Princeton, New Jersey, April 30 - May 2, 2007
- Publisher
- IEEE
- DOI
- https://doi.org/10.1109/SARNOF.2007.4567338
More About This Work
- Academic Units
- Computer Science
- Published Here
- March 14, 2012