{"id":"https://openalex.org/W2929826675","doi":"https://doi.org/10.1145/3314148.3314349","title":"eZTrust","display_name":"eZTrust","publication_year":2019,"publication_date":"2019-04-03","ids":{"openalex":"https://openalex.org/W2929826675","doi":"https://doi.org/10.1145/3314148.3314349","mag":"2929826675"},"language":"hu","primary_location":{"id":"doi:10.1145/3314148.3314349","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3314148.3314349","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2019 ACM Symposium on SDN Research","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5040870117","display_name":"Zirak Zaheer","orcid":null},"institutions":[{"id":"https://openalex.org/I223532165","display_name":"University of Utah","ror":"https://ror.org/03r0ha626","country_code":"US","type":"education","lineage":["https://openalex.org/I223532165"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Zirak Zaheer","raw_affiliation_strings":["University of Utah"],"affiliations":[{"raw_affiliation_string":"University of Utah","institution_ids":["https://openalex.org/I223532165"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5025679986","display_name":"Hyunseok Chang","orcid":"https://orcid.org/0000-0002-2840-1143"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Hyunseok Chang","raw_affiliation_strings":["Nokia Bell Labs"],"affiliations":[{"raw_affiliation_string":"Nokia Bell Labs","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5008448513","display_name":"Sarit Mukherjee","orcid":"https://orcid.org/0000-0002-5861-940X"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Sarit Mukherjee","raw_affiliation_strings":["Nokia Bell Labs"],"affiliations":[{"raw_affiliation_string":"Nokia Bell Labs","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5076342321","display_name":"Jacobus Van der Merwe","orcid":"https://orcid.org/0000-0001-5148-8278"},"institutions":[{"id":"https://openalex.org/I223532165","display_name":"University of Utah","ror":"https://ror.org/03r0ha626","country_code":"US","type":"education","lineage":["https://openalex.org/I223532165"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jacobus Van der Merwe","raw_affiliation_strings":["University of Utah"],"affiliations":[{"raw_affiliation_string":"University of Utah","institution_ids":["https://openalex.org/I223532165"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5040870117"],"corresponding_institution_ids":["https://openalex.org/I223532165"],"apc_list":null,"apc_paid":null,"fwci":3.3365,"has_fulltext":false,"cited_by_count":43,"citation_normalized_percentile":{"value":0.92788348,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":94,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"49","last_page":"61"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10714","display_name":"Software-Defined Networks and 5G","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10714","display_name":"Software-Defined Networks and 5G","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12326","display_name":"Network Packet Processing and Optimization","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8741093873977661},{"id":"https://openalex.org/keywords/microservices","display_name":"Microservices","score":0.7039361596107483},{"id":"https://openalex.org/keywords/scalability","display_name":"Scalability","score":0.6509553790092468},{"id":"https://openalex.org/keywords/network-packet","display_name":"Network packet","score":0.5857823491096497},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.5806167721748352},{"id":"https://openalex.org/keywords/leverage","display_name":"Leverage (statistics)","score":0.5324676036834717},{"id":"https://openalex.org/keywords/workload","display_name":"Workload","score":0.5307744741439819},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.5145220160484314},{"id":"https://openalex.org/keywords/bloom-filter","display_name":"Bloom filter","score":0.4713399112224579},{"id":"https://openalex.org/keywords/data-center","display_name":"Data center","score":0.4476609528064728},{"id":"https://openalex.org/keywords/overhead","display_name":"Overhead (engineering)","score":0.44650107622146606},{"id":"https://openalex.org/keywords/latency","display_name":"Latency (audio)","score":0.4305686354637146},{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.420221745967865},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.19362372159957886},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.1568681299686432}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8741093873977661},{"id":"https://openalex.org/C2778505942","wikidata":"https://www.wikidata.org/wiki/Q18344624","display_name":"Microservices","level":3,"score":0.7039361596107483},{"id":"https://openalex.org/C48044578","wikidata":"https://www.wikidata.org/wiki/Q727490","display_name":"Scalability","level":2,"score":0.6509553790092468},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.5857823491096497},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.5806167721748352},{"id":"https://openalex.org/C153083717","wikidata":"https://www.wikidata.org/wiki/Q6535263","display_name":"Leverage (statistics)","level":2,"score":0.5324676036834717},{"id":"https://openalex.org/C2778476105","wikidata":"https://www.wikidata.org/wiki/Q628539","display_name":"Workload","level":2,"score":0.5307744741439819},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.5145220160484314},{"id":"https://openalex.org/C147224247","wikidata":"https://www.wikidata.org/wiki/Q885373","display_name":"Bloom filter","level":2,"score":0.4713399112224579},{"id":"https://openalex.org/C153740404","wikidata":"https://www.wikidata.org/wiki/Q671224","display_name":"Data center","level":2,"score":0.4476609528064728},{"id":"https://openalex.org/C2779960059","wikidata":"https://www.wikidata.org/wiki/Q7113681","display_name":"Overhead (engineering)","level":2,"score":0.44650107622146606},{"id":"https://openalex.org/C82876162","wikidata":"https://www.wikidata.org/wiki/Q17096504","display_name":"Latency (audio)","level":2,"score":0.4305686354637146},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.420221745967865},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.19362372159957886},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.1568681299686432},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.0},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.0},{"id":"https://openalex.org/C76155785","wikidata":"https://www.wikidata.org/wiki/Q418","display_name":"Telecommunications","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3314148.3314349","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3314148.3314349","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2019 ACM Symposium on SDN Research","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":18,"referenced_works":["https://openalex.org/W1605921567","https://openalex.org/W1608999459","https://openalex.org/W1658564704","https://openalex.org/W2022106793","https://openalex.org/W2030775397","https://openalex.org/W2049659774","https://openalex.org/W2080897277","https://openalex.org/W2109471749","https://openalex.org/W2109914336","https://openalex.org/W2367220237","https://openalex.org/W2489492559","https://openalex.org/W2505478273","https://openalex.org/W2508635334","https://openalex.org/W2564172594","https://openalex.org/W2610964475","https://openalex.org/W2741103469","https://openalex.org/W2745034467","https://openalex.org/W2887743632"],"related_works":["https://openalex.org/W3181741639","https://openalex.org/W4210334847","https://openalex.org/W4367181468","https://openalex.org/W2767473057","https://openalex.org/W4225586032","https://openalex.org/W2351197002","https://openalex.org/W2086572746","https://openalex.org/W3003367851","https://openalex.org/W2604468458","https://openalex.org/W2886166997"],"abstract_inverted_index":{"Emerging":[0],"microservices-based":[1],"workloads":[2],"introduce":[3],"new":[4],"security":[5],"risks":[6],"in":[7,43,100],"today's":[8],"data":[9,18,75,90],"centers":[10],"as":[11,35],"attacks":[12],"can":[13],"propagate":[14],"laterally":[15],"within":[16],"the":[17,50,111,129],"center":[19,76,91],"relatively":[20],"easily":[21],"by":[22],"exploiting":[23],"cross-service":[24],"dependencies.":[25],"As":[26],"countermeasures":[27],"for":[28,71],"such":[29,34,95],"attacks,":[30],"traditional":[31,164],"perimeterization":[32,69,165],"approaches,":[33],"network-endpoint-based":[36],"access":[37,80],"control,":[38],"do":[39],"not":[40],"fare":[41],"well":[42],"highly":[44],"dynamic":[45],"microservices":[46],"environments":[47],"(especially":[48],"considering":[49],"management":[51],"complexity,":[52],"scalability":[53],"and":[54,88,98,121,125,157],"policy":[55],"granularity":[56],"of":[57,131,137],"these":[58],"earlier":[59],"approaches).":[60],"In":[61],"this":[62,106],"paper,":[63],"we":[64,108],"propose":[65],"eZTrust,":[66],"a":[67,101],"network-independent":[68,103],"approach":[70,133],"microservices.":[72],"eZTrust":[73,150],"allows":[74],"tenants":[77],"to":[78,93,116],"express":[79],"control":[81],"policies":[82,96,147],"based":[83],"on":[84],"fine-grained":[85],"workload":[86,119],"identities,":[87],"enables":[89],"operators":[92],"enforce":[94],"reliably":[97],"efficiently":[99],"purely":[102],"fashion.":[104],"To":[105],"end,":[107],"leverage":[109],"eBPF,":[110],"extended":[112],"Berkeley":[113],"Packet":[114],"Filter,":[115],"trace":[117],"authentic":[118],"identities":[120],"apply":[122],"per-packet":[123],"tagging":[124],"verification.":[126],"We":[127,142],"demonstrate":[128],"feasibility":[130],"our":[132,138],"through":[134],"extensive":[135],"evaluation":[136],"proof-of-concept":[139],"prototype":[140],"implementation.":[141],"find":[143],"that,":[144],"when":[145],"comparable":[146],"are":[148],"enforced,":[149],"incurs":[151],"2--5":[152],"times":[153,159],"lower":[154,160],"packet":[155],"latency":[156],"1.5--2.5":[158],"CPU":[161],"overhead":[162],"than":[163],"schemes.":[166]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":4},{"year":2024,"cited_by_count":9},{"year":2023,"cited_by_count":10},{"year":2022,"cited_by_count":7},{"year":2021,"cited_by_count":9},{"year":2020,"cited_by_count":2}],"updated_date":"2026-03-28T08:17:26.163206","created_date":"2019-04-11T00:00:00"}