{"id":"https://openalex.org/W7127171553","doi":"https://doi.org/10.1109/trustcom66490.2025.00027","title":"End-to-End Security Policy Automation with Multi-LLM Agents in Cloud-Native Systems","display_name":"End-to-End Security Policy Automation with Multi-LLM Agents in Cloud-Native Systems","publication_year":2025,"publication_date":"2025-11-14","ids":{"openalex":"https://openalex.org/W7127171553","doi":"https://doi.org/10.1109/trustcom66490.2025.00027"},"language":null,"primary_location":{"id":"doi:10.1109/trustcom66490.2025.00027","is_oa":false,"landing_page_url":"https://doi.org/10.1109/trustcom66490.2025.00027","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 IEEE 24th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5111067861","display_name":"X. H. Chen","orcid":null},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xuefei Chen","raw_affiliation_strings":["Chinese Academy of Sciences,Institute of Information Engineering"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Chinese Academy of Sciences,Institute of Information Engineering","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100419861","display_name":"Yong Zhang","orcid":"https://orcid.org/0000-0003-2179-3698"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yuqi Zhang","raw_affiliation_strings":["Chinese Academy of Sciences,Institute of Information Engineering"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Chinese Academy of Sciences,Institute of Information Engineering","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5032378609","display_name":"Haohao Liu","orcid":"https://orcid.org/0000-0001-8742-353X"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Haohao Liu","raw_affiliation_strings":["Chinese Academy of Sciences,Institute of Information Engineering"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Chinese Academy of Sciences,Institute of Information Engineering","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5124809357","display_name":"Xiaotong Wang","orcid":null},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xiaotong Wang","raw_affiliation_strings":["Chinese Academy of Sciences,Institute of Information Engineering"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Chinese Academy of Sciences,Institute of Information Engineering","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5124807034","display_name":"Chen Li","orcid":null},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Chen Li","raw_affiliation_strings":["Chinese Academy of Sciences,Institute of Information Engineering"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Chinese Academy of Sciences,Institute of Information Engineering","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5044179042","display_name":"Bibo Tu","orcid":"https://orcid.org/0000-0002-0278-7420"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Bibo Tu","raw_affiliation_strings":["Chinese Academy of Sciences,Institute of Information Engineering"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Chinese Academy of Sciences,Institute of Information Engineering","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":6,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.66752433,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"175","last_page":"183"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.9161999821662903,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.9161999821662903,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.014299999922513962,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T10101","display_name":"Cloud Computing and Resource Management","score":0.008100000210106373,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/robustness","display_name":"Robustness (evolution)","score":0.6553000211715698},{"id":"https://openalex.org/keywords/software-deployment","display_name":"Software deployment","score":0.6222000122070312},{"id":"https://openalex.org/keywords/tracing","display_name":"Tracing","score":0.583299994468689},{"id":"https://openalex.org/keywords/flexibility","display_name":"Flexibility (engineering)","score":0.5688999891281128},{"id":"https://openalex.org/keywords/security-policy","display_name":"Security policy","score":0.5530999898910522},{"id":"https://openalex.org/keywords/automation","display_name":"Automation","score":0.5360000133514404},{"id":"https://openalex.org/keywords/knowledge-base","display_name":"Knowledge base","score":0.4997999966144562},{"id":"https://openalex.org/keywords/security-domain","display_name":"Security domain","score":0.47369998693466187},{"id":"https://openalex.org/keywords/benchmark","display_name":"Benchmark (surveying)","score":0.4474000036716461}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7565000057220459},{"id":"https://openalex.org/C63479239","wikidata":"https://www.wikidata.org/wiki/Q7353546","display_name":"Robustness (evolution)","level":3,"score":0.6553000211715698},{"id":"https://openalex.org/C105339364","wikidata":"https://www.wikidata.org/wiki/Q2297740","display_name":"Software deployment","level":2,"score":0.6222000122070312},{"id":"https://openalex.org/C138673069","wikidata":"https://www.wikidata.org/wiki/Q322229","display_name":"Tracing","level":2,"score":0.583299994468689},{"id":"https://openalex.org/C2780598303","wikidata":"https://www.wikidata.org/wiki/Q65921492","display_name":"Flexibility (engineering)","level":2,"score":0.5688999891281128},{"id":"https://openalex.org/C154908896","wikidata":"https://www.wikidata.org/wiki/Q2167404","display_name":"Security policy","level":2,"score":0.5530999898910522},{"id":"https://openalex.org/C115901376","wikidata":"https://www.wikidata.org/wiki/Q184199","display_name":"Automation","level":2,"score":0.5360000133514404},{"id":"https://openalex.org/C4554734","wikidata":"https://www.wikidata.org/wiki/Q593744","display_name":"Knowledge base","level":2,"score":0.4997999966144562},{"id":"https://openalex.org/C2780264999","wikidata":"https://www.wikidata.org/wiki/Q7445032","display_name":"Security domain","level":2,"score":0.47369998693466187},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.44909998774528503},{"id":"https://openalex.org/C185798385","wikidata":"https://www.wikidata.org/wiki/Q1161707","display_name":"Benchmark (surveying)","level":2,"score":0.4474000036716461},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.41260001063346863},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.3840999901294708},{"id":"https://openalex.org/C19768560","wikidata":"https://www.wikidata.org/wiki/Q320727","display_name":"Dependency (UML)","level":2,"score":0.38370001316070557},{"id":"https://openalex.org/C121822524","wikidata":"https://www.wikidata.org/wiki/Q5157582","display_name":"Computer security model","level":2,"score":0.36880001425743103},{"id":"https://openalex.org/C2778180026","wikidata":"https://www.wikidata.org/wiki/Q18378163","display_name":"Semantic heterogeneity","level":4,"score":0.33649998903274536},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.328900009393692},{"id":"https://openalex.org/C77109596","wikidata":"https://www.wikidata.org/wiki/Q4781497","display_name":"Application security","level":5,"score":0.3246000111103058},{"id":"https://openalex.org/C195807954","wikidata":"https://www.wikidata.org/wiki/Q1662562","display_name":"Information extraction","level":2,"score":0.3149000108242035},{"id":"https://openalex.org/C195518309","wikidata":"https://www.wikidata.org/wiki/Q13424265","display_name":"Security testing","level":5,"score":0.31279999017715454},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.30169999599456787},{"id":"https://openalex.org/C2777407602","wikidata":"https://www.wikidata.org/wiki/Q1888932","display_name":"Mandatory access control","level":4,"score":0.29919999837875366},{"id":"https://openalex.org/C178148461","wikidata":"https://www.wikidata.org/wiki/Q1632136","display_name":"Security controls","level":3,"score":0.290800005197525},{"id":"https://openalex.org/C180198813","wikidata":"https://www.wikidata.org/wiki/Q121182","display_name":"Information system","level":2,"score":0.28279998898506165},{"id":"https://openalex.org/C2778505942","wikidata":"https://www.wikidata.org/wiki/Q18344624","display_name":"Microservices","level":3,"score":0.2791999876499176},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.2775999903678894},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.27300000190734863},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.2628999948501587},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.25699999928474426}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/trustcom66490.2025.00027","is_oa":false,"landing_page_url":"https://doi.org/10.1109/trustcom66490.2025.00027","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 IEEE 24th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.5685482621192932}],"awards":[],"funders":[{"id":"https://openalex.org/F4320337504","display_name":"Research and Development","ror":"https://ror.org/027s68j25"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":13,"referenced_works":["https://openalex.org/W2134321101","https://openalex.org/W2150656895","https://openalex.org/W2284296087","https://openalex.org/W2562533059","https://openalex.org/W2774761221","https://openalex.org/W2806152525","https://openalex.org/W2986159792","https://openalex.org/W4280639272","https://openalex.org/W4377941332","https://openalex.org/W4388202809","https://openalex.org/W4389279107","https://openalex.org/W4402265200","https://openalex.org/W4409155978"],"related_works":[],"abstract_inverted_index":{"Microservice":[0],"architectures":[1,17],"have":[2],"gained":[3],"widespread":[4],"adoption":[5],"in":[6,21,90,110,119,159],"cloud-native":[7,161],"environments":[8],"due":[9],"to":[10,83,133],"their":[11],"flexibility":[12],"and":[13,25,60,113,125,155],"scalability.":[14],"However,":[15],"these":[16],"pose":[18],"significant":[19],"challenges":[20],"the":[22,123,136,144,152],"automated":[23,47,160],"generation":[24],"dynamic":[26,94],"updating":[27],"of":[28,157],"fine-grained":[29],"security":[30,48,162],"policies.":[31,138],"This":[32,77],"paper":[33],"presents":[34],"LLM2policy,":[35],"a":[36,73],"novel":[37],"framework":[38],"that":[39,105,143],"utilizes":[40],"large":[41],"language":[42],"models":[43],"(LLMs)":[44],"for":[45,135],"end-to-end":[46],"policy":[49,95,163],"generation.":[50],"LLM2policy":[51,106,158],"extracts":[52],"microservice":[53,102],"entity":[54,111],"information":[55,71],"from":[56,65,99,131],"deployment":[57],"YAML":[58,91],"files":[59],"identifies":[61],"RPC":[62],"call":[63],"relationships":[64],"distributed":[66],"tracing":[67],"data,":[68],"consolidating":[69],"this":[70],"into":[72],"structured":[74],"knowledge":[75,78],"base.":[76],"base":[79],"is":[80],"then":[81],"used":[82],"automatically":[84],"generate":[85],"Istio-compatible":[86],"access":[87],"control":[88],"policies":[89,146],"format,":[92],"enabling":[93],"updates.":[96],"Evaluation":[97],"results":[98],"five":[100],"benchmark":[101],"systems":[103],"demonstrate":[104],"achieves":[107],"100%":[108,134],"accuracy":[109,118],"recognition":[112],"dependency":[114],"extraction,":[115],"over":[116],"98.81%":[117],"semantic":[120],"extraction":[121],"by":[122],"LLM,":[124],"unit":[126],"test":[127],"pass":[128],"rates":[129],"ranging":[130],"93.75%":[132],"generated":[137,145],"Furthermore,":[139],"attack":[140],"simulations":[141],"confirm":[142],"effectively":[147],"mitigate":[148],"unauthorized":[149],"access,":[150],"highlighting":[151],"practical":[153],"applicability":[154],"robustness":[156],"management.":[164]},"counts_by_year":[],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2026-02-03T00:00:00"}
