Safety and Security of Programmable Network Infrastructures
University of Pennsylvania Philadelphia United States
Pagination or Media Count:
Safety and security are two reliability properties of a system. A Safe system provides protection against errors of trusted users, while a Secure system protects against errors introduced by untrusted users. There is considerable overlap between mechanisms to support each property. Requirements for rapid service creation have stimulated the development of programmable network infrastructures, where end users or service providers can customize the properties of a network infrastructure while it continues to operate. A central concern of potential users of such systems is their reliability, and most specifically their safety and security. In this paper, we explain the impact the network service model and architecture have on safety and security, and provide a model with which policies can be translated into restrictions of a general system. We illustrate these ideas with the Secure Active Network Environment SANE architecture, which provides a means of controlling access to the functions provided by any programmable infrastructure.