Software Defined Everything (SDx)
The much-touted value of SDx is the ability to open up the API so that the application (client/server or peer-to-peer) can communicate directly with SDN- or SDDC-based controllers and provision its own storage, end-to-end service, et al. Now that the intelligence has been taken out of individual network devices and the API potentially opened up for network-aware application development, the software developer is truly king. However, this is also true for a would-be attacker. Self-provisioning via an API without proper security is something new to the land of networking. Proper consideration, design and testing must be integral.
The hypothesis is that, whilst this may be desirable and something that is preordained, given that we already have considerable issues with building security into “conventional” applications, are we not adding another layer of complexity and another potential version of the OWASP Top 10?
Within the IT industry, SDx, or literally software defined anything, is still a buzzword, and whilst its ultimate position in predictions like the Gartner Hype Cycle is a matter of fierce debate, there is an underlying creeping nemesis which is not being fully addressed. Software defined networks et al. are still being looked at in terms of infrastructure security and NOT in terms of the application security components. The implications of this view are vast and may be crucial to ISP, datacenter, and enterprise security, as the layers of the OSI model continue to merge and transform.
Questions / Ideas
- Explore the security considerations around SDx: what are the attack surfaces for Software Defined Everything (SDx)?
- Which of the OWASP Top 10 are applicable to SDx applications?
- Explore potential ways of building more robust application security into the software definition process.
- How can SDx be simulated/emulated effectively for SDN/SDDC applications, especially where central controllers and the API are concerned?
- Prepare the future direction in terms of an all-inclusive approach to SDx security, including a holistic view of both application and infrastructure aspects.
- Infrastructure and Software Solution Architects
- Data Centre Architects and Specialists
- Developers involved in end to end provisioning
- Developers involved in automated app delivery or containers