A Data Model for Federated Network and Security Management Information Exchange in Inter-Organizational IT Service Infrastructures
M. Steinke, and W. Hommel. IEEE/IFIP Network Operations and Management Symposium (NOMS), IEEE, (April 2018)
Abstract
Operating large-scale IT infrastructures and IT services necessitates the management of the involved devices (e.g., network components and servers) and applications. Recent advances and trends in technology, such as software-defined networking, network function virtualization, and distributed data centers render many established organization-wide management processes and tools almost useless: We argue that they must be significantly re-designed to profoundly address the specifics of the new technologies and operational procedures. In this paper, we present a common data model and inter-domain information exchange procedures for integrated network and security management; it is designed for dynamically instantiated IT services in federated, i.e., inter-organizational scenarios. First, we extend STIX and TAXII to generically support network and security event exchange; then we propose a complementary lightweight data model in favor of efficient data processing and correlation. We discuss our data model's application to four layers of abstraction - from single assets to federated services - along with their management activities and the information required to support them with management tools. An exemplary implementation demonstrates the feasibility for automating several typical management tasks.
%0 Conference Paper
%1 steinkehommeldatamodel
%A Steinke, Michael
%A Hommel, Wolfgang
%B IEEE/IFIP Network Operations and Management Symposium (NOMS)
%D 2018
%K data federated infrastructures management model myown network networks security sendate sendate-planets service
%T A Data Model for Federated Network and Security Management Information Exchange in Inter-Organizational IT Service Infrastructures
%X Operating large-scale IT infrastructures and IT services necessitates the management of the involved devices (e.g., network components and servers) and applications. Recent advances and trends in technology, such as software-defined networking, network function virtualization, and distributed data centers render many established organization-wide management processes and tools almost useless: We argue that they must be significantly re-designed to profoundly address the specifics of the new technologies and operational procedures. In this paper, we present a common data model and inter-domain information exchange procedures for integrated network and security management; it is designed for dynamically instantiated IT services in federated, i.e., inter-organizational scenarios. First, we extend STIX and TAXII to generically support network and security event exchange; then we propose a complementary lightweight data model in favor of efficient data processing and correlation. We discuss our data model's application to four layers of abstraction - from single assets to federated services - along with their management activities and the information required to support them with management tools. An exemplary implementation demonstrates the feasibility for automating several typical management tasks.
@inproceedings{steinkehommeldatamodel,
abstract = {Operating large-scale IT infrastructures and IT services necessitates the management of the involved devices (e.g., network components and servers) and applications. Recent advances and trends in technology, such as software-defined networking, network function virtualization, and distributed data centers render many established organization-wide management processes and tools almost useless: We argue that they must be significantly re-designed to profoundly address the specifics of the new technologies and operational procedures. In this paper, we present a common data model and inter-domain information exchange procedures for integrated network and security management; it is designed for dynamically instantiated IT services in federated, i.e., inter-organizational scenarios. First, we extend STIX and TAXII to generically support network and security event exchange; then we propose a complementary lightweight data model in favor of efficient data processing and correlation. We discuss our data model's application to four layers of abstraction - from single assets to federated services - along with their management activities and the information required to support them with management tools. An exemplary implementation demonstrates the feasibility for automating several typical management tasks.},
added-at = {2018-05-02T10:47:07.000+0200},
author = {Steinke, Michael and Hommel, Wolfgang},
biburl = {https://www.bibsonomy.org/bibtex/244cae44ce93924579b160616ce5ad9cf/ms_unibw},
booktitle = {IEEE/IFIP Network Operations and Management Symposium (NOMS)},
days = {23-27},
interhash = {73f8b9993428722b6b2971f7b0d1a00c},
intrahash = {44cae44ce93924579b160616ce5ad9cf},
keywords = {data federated infrastructures management model myown network networks security sendate sendate-planets service},
month = apr,
organization = {IEEE},
timestamp = {2019-02-06T16:59:23.000+0100},
title = {A Data Model for Federated Network and Security Management Information Exchange in Inter-Organizational IT Service Infrastructures},
type = {Publication},
year = 2018
}