Visible to the public Biblio

Filters: Author is Sedlisky, Filip  [Clear All Filters]
2019-08-12
Cerny, Tomas, Sedlisky, Filip, Donahoo, Michael J..  2018.  On Isolation-Driven Automated Module Decomposition. Proceedings of the 2018 Conference on Research in Adaptive and Convergent Systems. :302-307.

Contemporary enterprise systems focus primarily on performance and development/maintenance costs. Dealing with cyber-threats and system compromise is relegated to good coding (i.e., defensive programming) and secure environment (e.g., patched OS, firewalls, etc.). This approach, while a necessary start, is not sufficient. Such security relies on no missteps, and compromise only need a single flaw; consequently, we must design for compromise and mitigate its impact. One approach is to utilize fine-grained modularization and isolation. In such a system, decomposition ensures that compromise of a single module presents limited and known risk to data/resource theft and denial. We propose mechanisms for automating such modular composition and consider its system performance impact.