On Isolation-Driven Automated Module Decomposition
Title | On Isolation-Driven Automated Module Decomposition |
Publication Type | Conference Paper |
Year of Publication | 2018 |
Authors | Cerny, Tomas, Sedlisky, Filip, Donahoo, Michael J. |
Conference Name | Proceedings of the 2018 Conference on Research in Adaptive and Convergent Systems |
Publisher | ACM |
ISBN Number | 978-1-4503-5885-9 |
Keywords | Architectures, compositionality, Cyber physical system, decomposition, Metrics, microservices, pubcrawl, self-contained systems, SOA |
Abstract | Contemporary enterprise systems focus primarily on performance and development/maintenance costs. Dealing with cyber-threats and system compromise is relegated to good coding (i.e., defensive programming) and secure environment (e.g., patched OS, firewalls, etc.). This approach, while a necessary start, is not sufficient. Such security relies on no missteps, and compromise only need a single flaw; consequently, we must design for compromise and mitigate its impact. One approach is to utilize fine-grained modularization and isolation. In such a system, decomposition ensures that compromise of a single module presents limited and known risk to data/resource theft and denial. We propose mechanisms for automating such modular composition and consider its system performance impact. |
URL | http://dx.doi.org/10.1145/3264746.3264756 |
DOI | 10.1145/3264746.3264756 |
Citation Key | cerny_isolation-driven_2018 |