Description: The point of Software-Defined Infrastructure is an infrastructure that is at once more flexible, controllable, and transparent to user and developer. One important characteristic of this infrastructure is that it is not owned or controlled by the user. At runtime, it is an opaque black box. Thus, it must have guaranteed properties of both performance and function. Infrastructure also has limited visibility and debuggability. It’s hard to diagnose network problems, and it’s hard to diagnose runtime issues on a remote system. Thus, programs which manipulate the infrastructure (e.g., orchestration systems, SDN applications, etc.) should have their infrastructure manipulations verified, to the extent that this is possible. We need to catch bugs statically to the extent that we can, performance and correctness both. Infrastructure configurations ought to be inherently veri- fiable. Verification of state-free systems is in NP; verification of finite-state systems is always in P-Space, and many problems are in NP. It has been shown by a number of authors that OpenFlow rulesets are state-free, and verification is therefore in NP. Similar arguments can be made for configuration layers and workflow engines, depending on precise semantics. These results imply that the under- lying model of computation for configuration of software-defined networking and at least some elements of softwaredefined infrastructure are state-free or, at worst, finite-state, and therefore that verification of these systems is relatively tractable. The large challenge before the community is then to design configuration models for software-defined infrastructure that preserve the precise and weak semantics of the implementation domain; offer appropriate abstractions of performance characteristics; and nonetheless retain usability and concision.
For More Information Please Visit:- http://www.ieee-security.org/TC/SP2016/
Tags:
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.