23,611 research outputs found
A service dependency modeling framework for policy-based response enforcement
International audienceThe use of dynamic access control policies for threat response adapts local response decisions to high level system constraints. However, security policies are often carefully tightened during system design-time, and the large number of service dependencies in a system architecture makes their dynamic adaptation di±cult. The enforcement of a single re- sponse rule requires performing multiple con¯guration changes on multi- ple services. This paper formally describes a Service Dependency Frame- work (SDF) in order to assist the response process in selecting the pol- icy enforcement points (PEPs) capable of applying a dynamic response rule. It automatically derives elementary access rules from the generic access control, either allowed or denied by the dynamic response pol- icy, so they can be locally managed by local PEPs. SDF introduces a requires/provides model of service dependencies. It models the service architecture in a modular way, and thus provides both extensibility and reusability of model components. SDF is de¯ned using the Architecture Analysis and Design Language, which provides formal concepts for mod- eling system architectures. This paper presents a systematic treatment of the dependency model which aims to apply policy rules while minimizing con¯guration changes and reducing resource consumption
SDN based Network Function Parallelism in Cloud
Network function virtualization (NFV) based service function chaining (SFC)
allows the provisioning of various security and traffic engineering
applications in a cloud network. Inefficient deployment of network functions
can lead to security violations and performance overhead. In an OpenFlow
enabled cloud, the key problem with current mechanisms is that several packet
field match and flow rule action sets associated with the network functions are
non-overlapping and can be parallelized for performance enhancement. We
introduce Network Function Parallelism (NFP) SFC-NFP for OpenFlow network. Our
solution utilizes network function parallelism over the OpenFlow rules to
improve SFC performance in the cloud network. We have utilized the DPDK
platform with an OpenFlow switch (OVS) for experimental analysis. Our solution
achieves a 1.40-1.90x reduction in latency for SFC in an OpenStack cloud
network managed by the SDN framework.Comment: 5 page
Indirect Internationalization of New Ventures: A Development And Test of Two Theories
This paper develops resource dependency and institutional theory arguments for explaining SME involvement in direct and indirect (via intermediaries) export activity. Based on resource dependency theory, we argue that a desire to leverage resources in a favorable home market may explain SME direct and indirect export activity. Building on institutional theory, we argue that SMEs operating in an organization field that is perceived as becoming more international will be more likely to export, either directly or indirectly. The theory arguments are tested using a sample of 871 Dutch SMEs. Results from binomial and multinomial logit regressions indicate the following: firms in the production industry are most likely to use export intermediaries, as are firm that face favorable home-country access to investors and banks and favorable home-country government regulations for businesses. In line with institutional theory arguments, firms are most likely to export, directly or indirectly, when the organization field is characterized by domestic competitors and customers who increasingly operate abroad and by an increased use of foreign suppliers. Compared to the direct mode, firms pursuing indirect modes are more likely to perceive favorable national finance market access and less likely to perceive favorable national production costs
Recommended from our members
Towards an aspect weaving BPEL engine
This position paper proposes the use of dynamic aspects and
the visitor design pattern to obtain a highly configurable and
extensible BPEL engine. Using these two techniques, the
core of this infrastructural software can be customised to
meet new requirements and add features such as debugging,
execution monitoring, or changing to another Web Service
selection policy. Additionally, it can easily be extended to
cope with customer-specific BPEL extensions. We propose
the use of dynamic aspects not only on the engine itself
but also on the workflow in order to tackle the problems of
Web Service hot deployment and hot fixes to long running
processes. In this way, composing aWeb Service "on-the-fly"
means weaving its choreography interface into the workflow
- âŠ