Data-Centric Security in Software Defined Networks (Sdn)

Amanowicz, Marek, Szwaczyk, Sebastian, Wrona, Konrad

  • 出版商: Springer
  • 出版日期: 2024-04-12
  • 售價: $6,290
  • 貴賓價: 9.5$5,976
  • 語言: 英文
  • 頁數: 118
  • 裝訂: Hardcover - also called cloth, retail trade, or trade
  • ISBN: 3031555163
  • ISBN-13: 9783031555169
  • 相關分類: SDN資訊安全
  • 海外代購書籍(需單獨結帳)

相關主題

商品描述

The book focuses on applying the data-centric security (DCS) concept and leveraging the unique capabilities of software-defined networks (SDN) to improve the security and resilience of corporate and government information systems used to process critical information and implement business processes requiring special protection. As organisations increasingly rely on information technology, cyber threats to data and infrastructure can significantly affect their operations and adversely impact critical business processes. Appropriate authentication, authorisation, monitoring, and response measures must be implemented within the perimeter of the system to protect against adversaries. However, sophisticated attackers can compromise the perimeter defences and even remain in the system for a prolonged time without the owner being aware of these facts. Therefore, new security paradigms such as Zero Trust and DCS aim to provide defence under the assumption that the boundary protections will be breached.

Based on experience and lessons learned from research on the application of DCS to defence systems, the authors present an approach to integrating the DCS concept with SDN. They introduce a risk-aware approach to routing in SDN, enabling defence-in-depth and enhanced security for data in transit. The book describes possible paths for an organisation to transition towards DCS, indicating some open and challenging issues requiring further investigation. To allow interested readers to conduct detailed studies and evaluate the exemplary implementation of DCS over SDN, the text includes a short tutorial on using the emulation environment and links to the websites from which the software can be downloaded.

商品描述(中文翻譯)

這本書著重於應用以資料為中心的安全(DCS)概念,並利用軟體定義網路(SDN)的獨特能力,提升企業和政府資訊系統的安全性和彈性,這些系統用於處理關鍵資訊和實施需要特殊保護的業務流程。隨著組織越來越依賴資訊技術,對資料和基礎設施的網路威脅可能會嚴重影響其運營,並對關鍵業務流程產生不利影響。必須在系統的範圍內實施適當的身份驗證、授權、監控和應對措施,以防止對手的攻擊。然而,精通的攻擊者可以破壞範圍的防禦,甚至在所有者不知情的情況下長時間留在系統中。因此,新的安全範式,如零信任和DCS,旨在提供在邊界保護被破壞的情況下的防禦能力。

根據在防禦系統中應用DCS的研究經驗和經驗教訓,作者提出了將DCS概念與SDN集成的方法。他們介紹了一種在SDN中基於風險意識的路由方法,實現了深度防禦和增強了資料在傳輸過程中的安全性。本書描述了組織向DCS過渡的可能途徑,並指出了一些需要進一步研究的開放性和具有挑戰性的問題。為了讓感興趣的讀者進行詳細研究並評估DCS在SDN上的示範實施,本文包括了一個使用仿真環境的簡短教程,並提供了可以下載軟體的網站連結。