On Isolation-Driven Automated Module Decomposition
| Title | On Isolation-Driven Automated Module Decomposition |
| Publication Type | Conference Paper |
| Year of Publication | 2018 |
| Authors | Cerny, Tomas, Sedlisky, Filip, Donahoo, Michael J. |
| Conference Name | Proceedings of the 2018 Conference on Research in Adaptive and Convergent Systems |
| Publisher | ACM |
| ISBN Number | 978-1-4503-5885-9 |
| Keywords | Architectures, compositionality, Cyber physical system, decomposition, Metrics, microservices, pubcrawl, self-contained systems, SOA |
| Abstract | Contemporary enterprise systems focus primarily on performance and development/maintenance costs. Dealing with cyber-threats and system compromise is relegated to good coding (i.e., defensive programming) and secure environment (e.g., patched OS, firewalls, etc.). This approach, while a necessary start, is not sufficient. Such security relies on no missteps, and compromise only need a single flaw; consequently, we must design for compromise and mitigate its impact. One approach is to utilize fine-grained modularization and isolation. In such a system, decomposition ensures that compromise of a single module presents limited and known risk to data/resource theft and denial. We propose mechanisms for automating such modular composition and consider its system performance impact. |
| URL | http://dx.doi.org/10.1145/3264746.3264756 |
| DOI | 10.1145/3264746.3264756 |
| Citation Key | cerny_isolation-driven_2018 |