{"id":"https://openalex.org/W4223902894","doi":"https://doi.org/10.1145/3508398.3511499","title":"NEUTRON: A Graph-based Pipeline for Zero-trust Network Architectures","display_name":"NEUTRON: A Graph-based Pipeline for Zero-trust Network Architectures","publication_year":2022,"publication_date":"2022-04-14","ids":{"openalex":"https://openalex.org/W4223902894","doi":"https://doi.org/10.1145/3508398.3511499"},"language":"en","primary_location":{"id":"doi:10.1145/3508398.3511499","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3508398.3511499","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3508398.3511499","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Twelfth ACM Conference on Data and Application Security and Privacy","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3508398.3511499","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5054016248","display_name":"Charalampos Katsis","orcid":"https://orcid.org/0000-0002-1876-8478"},"institutions":[{"id":"https://openalex.org/I219193219","display_name":"Purdue University West Lafayette","ror":"https://ror.org/02dqehb95","country_code":"US","type":"education","lineage":["https://openalex.org/I219193219"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Charalampos Katsis","raw_affiliation_strings":["Purdue University, West Lafayette, IN, USA"],"affiliations":[{"raw_affiliation_string":"Purdue University, West Lafayette, IN, USA","institution_ids":["https://openalex.org/I219193219"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5056918306","display_name":"Fabrizio Cicala","orcid":null},"institutions":[{"id":"https://openalex.org/I219193219","display_name":"Purdue University West Lafayette","ror":"https://ror.org/02dqehb95","country_code":"US","type":"education","lineage":["https://openalex.org/I219193219"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Fabrizio Cicala","raw_affiliation_strings":["Purdue University, West Lafayette, IN, USA"],"affiliations":[{"raw_affiliation_string":"Purdue University, West Lafayette, IN, USA","institution_ids":["https://openalex.org/I219193219"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5051226686","display_name":"Dan Thomsen","orcid":null},"institutions":[{"id":"https://openalex.org/I4210103432","display_name":"Smart Information Flow Technologies (United States)","ror":"https://ror.org/01hnzmd62","country_code":"US","type":"company","lineage":["https://openalex.org/I4210103432"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Dan Thomsen","raw_affiliation_strings":["SIFT, LLC, Minneapolis, MN, USA"],"affiliations":[{"raw_affiliation_string":"SIFT, LLC, Minneapolis, MN, USA","institution_ids":["https://openalex.org/I4210103432"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5052035492","display_name":"Nathan Ringo","orcid":"https://orcid.org/0000-0002-6782-1554"},"institutions":[{"id":"https://openalex.org/I4210103432","display_name":"Smart Information Flow Technologies (United States)","ror":"https://ror.org/01hnzmd62","country_code":"US","type":"company","lineage":["https://openalex.org/I4210103432"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Nathan Ringo","raw_affiliation_strings":["SIFT, LLC, Minneapolis, MN, USA"],"affiliations":[{"raw_affiliation_string":"SIFT, LLC, Minneapolis, MN, USA","institution_ids":["https://openalex.org/I4210103432"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5061694501","display_name":"Elisa Bertino","orcid":"https://orcid.org/0000-0002-4029-7051"},"institutions":[{"id":"https://openalex.org/I219193219","display_name":"Purdue University West Lafayette","ror":"https://ror.org/02dqehb95","country_code":"US","type":"education","lineage":["https://openalex.org/I219193219"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Elisa Bertino","raw_affiliation_strings":["Purdue University, West Lafayette, IN, USA"],"affiliations":[{"raw_affiliation_string":"Purdue University, West Lafayette, IN, USA","institution_ids":["https://openalex.org/I219193219"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5054016248"],"corresponding_institution_ids":["https://openalex.org/I219193219"],"apc_list":null,"apc_paid":null,"fwci":2.3733,"has_fulltext":true,"cited_by_count":6,"citation_normalized_percentile":{"value":0.89840215,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":94,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"167","last_page":"178"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},"topics":[{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9970999956130981,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12326","display_name":"Network Packet Processing and Optimization","score":0.9962000250816345,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8199209570884705},{"id":"https://openalex.org/keywords/security-policy","display_name":"Security policy","score":0.5842093229293823},{"id":"https://openalex.org/keywords/software-deployment","display_name":"Software deployment","score":0.5718170404434204},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.562992513179779},{"id":"https://openalex.org/keywords/scalability","display_name":"Scalability","score":0.4866391122341156},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.47752419114112854},{"id":"https://openalex.org/keywords/network-security-policy","display_name":"Network security policy","score":0.4774949252605438},{"id":"https://openalex.org/keywords/computer-security-model","display_name":"Computer security model","score":0.44270166754722595},{"id":"https://openalex.org/keywords/network-security","display_name":"Network security","score":0.43515080213546753},{"id":"https://openalex.org/keywords/pipeline","display_name":"Pipeline (software)","score":0.4322119951248169},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.4288520812988281},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3714343011379242},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.2357361614704132},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.1973172426223755},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.1879195272922516},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.15669718384742737},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.12981247901916504}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8199209570884705},{"id":"https://openalex.org/C154908896","wikidata":"https://www.wikidata.org/wiki/Q2167404","display_name":"Security policy","level":2,"score":0.5842093229293823},{"id":"https://openalex.org/C105339364","wikidata":"https://www.wikidata.org/wiki/Q2297740","display_name":"Software deployment","level":2,"score":0.5718170404434204},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.562992513179779},{"id":"https://openalex.org/C48044578","wikidata":"https://www.wikidata.org/wiki/Q727490","display_name":"Scalability","level":2,"score":0.4866391122341156},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.47752419114112854},{"id":"https://openalex.org/C117110713","wikidata":"https://www.wikidata.org/wiki/Q3394676","display_name":"Network security policy","level":4,"score":0.4774949252605438},{"id":"https://openalex.org/C121822524","wikidata":"https://www.wikidata.org/wiki/Q5157582","display_name":"Computer security model","level":2,"score":0.44270166754722595},{"id":"https://openalex.org/C182590292","wikidata":"https://www.wikidata.org/wiki/Q989632","display_name":"Network security","level":2,"score":0.43515080213546753},{"id":"https://openalex.org/C43521106","wikidata":"https://www.wikidata.org/wiki/Q2165493","display_name":"Pipeline (software)","level":2,"score":0.4322119951248169},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.4288520812988281},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3714343011379242},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.2357361614704132},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.1973172426223755},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.1879195272922516},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.15669718384742737},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.12981247901916504}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3508398.3511499","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3508398.3511499","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3508398.3511499","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Twelfth ACM Conference on Data and Application Security and Privacy","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3508398.3511499","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3508398.3511499","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3508398.3511499","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Twelfth ACM Conference on Data and Application Security and Privacy","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G2186497367","display_name":null,"funder_award_id":"2112471","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G486605795","display_name":null,"funder_award_id":"211247","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G5921281487","display_name":null,"funder_award_id":"number","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G80255033","display_name":null,"funder_award_id":"FA8750-19-C-0082","funder_id":"https://openalex.org/F4320338294","funder_display_name":"Air Force Research Laboratory"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320338294","display_name":"Air Force Research Laboratory","ror":"https://ror.org/02e2egq70"}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4223902894.pdf","grobid_xml":"https://content.openalex.org/works/W4223902894.grobid-xml"},"referenced_works_count":16,"referenced_works":["https://openalex.org/W1480909796","https://openalex.org/W1545849364","https://openalex.org/W1602828133","https://openalex.org/W1972777832","https://openalex.org/W1994954690","https://openalex.org/W2060690494","https://openalex.org/W2087047390","https://openalex.org/W2120561608","https://openalex.org/W2146356111","https://openalex.org/W2154765153","https://openalex.org/W2882265941","https://openalex.org/W2977550872","https://openalex.org/W3172913619","https://openalex.org/W4210896998","https://openalex.org/W4254605472","https://openalex.org/W4299610943"],"related_works":["https://openalex.org/W2188814192","https://openalex.org/W1519114293","https://openalex.org/W2151761340","https://openalex.org/W2111277540","https://openalex.org/W3094039898","https://openalex.org/W2173238669","https://openalex.org/W2130339907","https://openalex.org/W2375663084","https://openalex.org/W2114705216","https://openalex.org/W2153264224"],"abstract_inverted_index":{"The":[0],"Zero-Trust":[1],"Architecture":[2],"(ZTA)":[3],"security":[4,37,88,128,132,170],"paradigm":[5],"deploys":[6],"comprehensive":[7],"user-":[8],"and":[9,17,28,44,55,73,83,119,143,184],"resource-aware":[10],"defenses":[11],"both":[12],"at":[13],"the":[14,19,46,53,59,106,110,114,120,125,131,151,168,173,187],"network's":[15],"perimeter":[16],"inside":[18],"network.":[20],"However,":[21],"deploying":[22],"a":[23,30,77,92],"ZTA":[24],"approach":[25,80],"requires":[26],"specifying":[27],"managing":[29],"large,":[31],"network":[32,87,174],"spanning":[33],"set":[34],"of":[35,48,58,108,167,186],"fine-grained":[36,86],"policies,":[38],"which":[39,63,157],"will":[40],"increase":[41,45],"administrators'":[42],"workloads":[43],"chance":[47],"errors.":[49],"This":[50],"paper":[51],"presents":[52],"design":[54],"prototype":[56],"implementation":[57],"NEUTRON":[60,75,90,121],"policy":[61,68,97,122,133,141,144,171,188],"framework,":[62],"provides":[64,91],"an":[65],"automated":[66],"end-to-end":[67],"pipeline,":[69],"specification,":[70],"management,":[71],"testing,":[72],"deployment.":[74],"uses":[76,158],"flexible,":[78],"graph-based":[79,178],"to":[81,140,163],"specify":[82],"share":[84],"complex,":[85],"policies.":[89],"software":[93,115,135],"structure":[94],"so":[95],"that":[96],"patterns":[98],"may":[99],"be":[100],"easily":[101],"shared":[102],"between":[103],"organizations,":[104],"reducing":[105],"burden":[107],"creating":[109],"policy.":[111,129],"Administrators":[112],"assemble":[113],"for":[116,181],"their":[117],"site,":[118],"generator":[123],"creates":[124],"entire":[126],"network-wide":[127,169],"Treating":[130],"like":[134],"also":[136],"allows":[137,180],"new":[138],"approaches":[139],"verification":[142,166],"change":[145,189],"impact":[146],"analysis.":[147],"Thus":[148],"we":[149],"designed":[150],"Security":[152],"Policy":[153],"Regression":[154],"Tool":[155],"(SPRT),":[156],"our":[159,177],"novelRuleset":[160],"Aggregation":[161],"Algorithm":[162],"perform":[164],"scalable":[165],"across":[172],"model.":[175],"Moreover,":[176],"framework":[179],"efficient":[182],"computation":[183],"visualization":[185],"impact.":[190]},"counts_by_year":[{"year":2025,"cited_by_count":4},{"year":2024,"cited_by_count":2}],"updated_date":"2026-04-10T15:06:20.359241","created_date":"2025-10-10T00:00:00"}