{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,22]],"date-time":"2026-06-22T17:05:59Z","timestamp":1782147959308,"version":"3.54.5"},"publisher-location":"New York, NY, USA","reference-count":73,"publisher":"ACM","license":[{"start":{"date-parts":[[2022,6,7]],"date-time":"2022-06-07T00:00:00Z","timestamp":1654560000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000006","name":"Office of Naval Research","doi-asserted-by":"publisher","award":["N00014-20-1-2696"],"award-info":[{"award-number":["N00014-20-1-2696"]}],"id":[{"id":"10.13039\/100000006","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2022,6,7]]},"DOI":"10.1145\/3532105.3535029","type":"proceedings-article","created":{"date-parts":[[2022,6,8]],"date-time":"2022-06-08T14:29:57Z","timestamp":1654698597000},"page":"151-162","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":18,"title":["Removing the Reliance on Perimeters for Security using Network Views"],"prefix":"10.1145","author":[{"given":"Iffat","family":"Anjum","sequence":"first","affiliation":[{"name":"NC State University, Raleigh, NC, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Daniel","family":"Kostecki","sequence":"additional","affiliation":[{"name":"Northeastern University, Boston, MA, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Ethan","family":"Leba","sequence":"additional","affiliation":[{"name":"Northeastern University, Boston, MA, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Jessica","family":"Sokal","sequence":"additional","affiliation":[{"name":"Northeastern University, Boston, MA, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Rajit","family":"Bharambe","sequence":"additional","affiliation":[{"name":"NC State University, Raleigh, NC, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"William","family":"Enck","sequence":"additional","affiliation":[{"name":"NC State University, Raleigh, NC, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Cristina","family":"Nita-Rotaru","sequence":"additional","affiliation":[{"name":"Northeastern University, Boston, MA, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Bradley","family":"Reaves","sequence":"additional","affiliation":[{"name":"NC State University, Raleigh, NC, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2022,6,8]]},"reference":[{"key":"e_1_3_2_2_1_1","volume-title":"Proceedings of the IEEE Global Communications Conference (GLOBECOM).","author":"Addad R. A.","unstructured":"R. A. Addad , D. L. C. Dutra , M. Bagaa , T. Taleb , H. Flinck , and M. Namane . 2018. Benchmarking the ONOS Intent Interfaces to Ease 5G Service Management . In Proceedings of the IEEE Global Communications Conference (GLOBECOM). R. A. Addad, D. L. C. Dutra, M. Bagaa, T. Taleb, H. Flinck, and M. Namane. 2018. Benchmarking the ONOS Intent Interfaces to Ease 5G Service Management. In Proceedings of the IEEE Global Communications Conference (GLOBECOM)."},{"key":"e_1_3_2_2_2_1","unstructured":"Iffat Anjum. 2021. Single Site Netviews. GitHub. https:\/\/github.com\/netviews\/ss-netviews.  Iffat Anjum. 2021. Single Site Netviews. GitHub. https:\/\/github.com\/netviews\/ss-netviews."},{"key":"e_1_3_2_2_3_1","volume-title":"Proceedings of the ACM Conference on Data and Application Security and Privacy (CODASPY).","author":"Anjum Iffat","unstructured":"Iffat Anjum , Mu Zhu , Isaac Polinsky , William Enck , Michael K. Reiter , and Munindar P. Singh . 2021. Role-Based Deception in Enterprise Networks . In Proceedings of the ACM Conference on Data and Application Security and Privacy (CODASPY). Iffat Anjum, Mu Zhu, Isaac Polinsky, William Enck, Michael K. Reiter, and Munindar P. Singh. 2021. Role-Based Deception in Enterprise Networks. In Proceedings of the ACM Conference on Data and Application Security and Privacy (CODASPY)."},{"key":"e_1_3_2_2_4_1","unstructured":"MITRE ATT&CK. 2019. NotPetya. https:\/\/attack.mitre.org\/software\/S0368\/.  MITRE ATT&CK. 2019. NotPetya. https:\/\/attack.mitre.org\/software\/S0368\/."},{"key":"e_1_3_2_2_5_1","volume-title":"Proceedings of the International Conference on Fog and Mobile Edge Computing (FMEC).","author":"Basnet R.","unstructured":"R. Basnet , S. Mukherjee , V. M. Pagadala , and I. Ray . 2018. An efficient implementation of next generation access control for the mobile health cloud . In Proceedings of the International Conference on Fog and Mobile Edge Computing (FMEC). R. Basnet, S. Mukherjee, V. M. Pagadala, and I. Ray. 2018. An efficient implementation of next generation access control for the mobile health cloud. In Proceedings of the International Conference on Fog and Mobile Edge Computing (FMEC)."},{"key":"e_1_3_2_2_6_1","volume-title":"Effects of cyber security knowledge on attack detection. Computers in Human Behavior 48","author":"Ben-Asher Noam","year":"2015","unstructured":"Noam Ben-Asher and Cleotilde Gonzalez . 2015. Effects of cyber security knowledge on attack detection. Computers in Human Behavior 48 ( 2015 ). Noam Ben-Asher and Cleotilde Gonzalez. 2015. Effects of cyber security knowledge on attack detection. Computers in Human Behavior 48 (2015)."},{"key":"e_1_3_2_2_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/2656877.2656890"},{"key":"e_1_3_2_2_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICIN51074.2021.9385530"},{"key":"e_1_3_2_2_9_1","unstructured":"BitWizard B.V. 1997. MTR. BitWizard. http:\/\/www.bitwizard.nl\/mtr\/.  BitWizard B.V. 1997. MTR. BitWizard. http:\/\/www.bitwizard.nl\/mtr\/."},{"key":"e_1_3_2_2_10_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2020.23040"},{"key":"e_1_3_2_2_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/1282380.1282382"},{"key":"e_1_3_2_2_12_1","volume-title":"Rubin","author":"Cheswick William R.","year":"2003","unstructured":"William R. Cheswick , Steven M. Bellovin , and Aviel D . Rubin . 2003 . Firewalls and Internet Security: Repelling the Wily Hacker. Addison-Wesley Professional . William R. Cheswick, Steven M. Bellovin, and Aviel D. Rubin. 2003. Firewalls and Internet Security: Repelling the Wily Hacker. Addison-Wesley Professional."},{"key":"e_1_3_2_2_13_1","unstructured":"Department of Homehald Security CISA. 2017. Petya Ransomware. Alert (TA17--181A). https:\/\/us-cert.cisa.gov\/ncas\/alerts\/TA17--181A.  Department of Homehald Security CISA. 2017. Petya Ransomware. Alert (TA17--181A). https:\/\/us-cert.cisa.gov\/ncas\/alerts\/TA17--181A."},{"key":"e_1_3_2_2_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/MITP.2013.37"},{"key":"e_1_3_2_2_15_1","unstructured":"Jon Dugan Seth Elliott Bruce A. Mah Jeff Poskanzer and Kaustubh Prabhu. 2015. iPerf - The ultimate speed test tool for TCP UDP and SCTP. https:\/\/iperf.fr\/.  Jon Dugan Seth Elliott Bruce A. Mah Jeff Poskanzer and Kaustubh Prabhu. 2015. iPerf - The ultimate speed test tool for TCP UDP and SCTP. https:\/\/iperf.fr\/."},{"key":"e_1_3_2_2_16_1","volume-title":"Proceedings of the USENIX Symposium on Networked Systems Design and Implementation (NSDI).","author":"Fayazbakhsh Seyed Kaveh","unstructured":"Seyed Kaveh Fayazbakhsh , Luis Chiang , Vyas Sekar , Minlan Yu , and Jeffrey C. Mogul . 2014. Enforcing Network-Wide Policies in the Presence of Dynamic Middlebox Actions using FlowTags . In Proceedings of the USENIX Symposium on Networked Systems Design and Implementation (NSDI). Seyed Kaveh Fayazbakhsh, Luis Chiang, Vyas Sekar, Minlan Yu, and Jeffrey C. Mogul. 2014. Enforcing Network-Wide Policies in the Presence of Dynamic Middlebox Actions using FlowTags. In Proceedings of the USENIX Symposium on Networked Systems Design and Implementation (NSDI)."},{"key":"e_1_3_2_2_17_1","volume-title":"The Policy Machine: A novel architecture and framework for access control policy specification and enforcement. JOURNAL of Systems Architecture 57, 4","author":"Ferraiolo David","year":"2011","unstructured":"David Ferraiolo , Vijayalakshmi Atluri , and Serban Gavrila . 2011. The Policy Machine: A novel architecture and framework for access control policy specification and enforcement. JOURNAL of Systems Architecture 57, 4 ( 2011 ). David Ferraiolo, Vijayalakshmi Atluri, and Serban Gavrila. 2011. The Policy Machine: A novel architecture and framework for access control policy specification and enforcement. JOURNAL of Systems Architecture 57, 4 (2011)."},{"key":"e_1_3_2_2_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/2875491.2875496"},{"key":"e_1_3_2_2_19_1","unstructured":"David F Ferraiolo Larry Feldman and Gregory A Witte. 2016. Exploring the next generation of access control methodologies. NIST. https:\/\/www.nist.gov\/publications\/exploring-next-generation-access-control-methodologies.  David F Ferraiolo Larry Feldman and Gregory A Witte. 2016. Exploring the next generation of access control methodologies. NIST. https:\/\/www.nist.gov\/publications\/exploring-next-generation-access-control-methodologies."},{"key":"e_1_3_2_2_20_1","unstructured":"FireEye. 2020. Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor. THREAT RESEARCH. https:\/\/www.fireeye.com\/blog\/threat-research\/2020\/12\/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html.  FireEye. 2020. Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor. THREAT RESEARCH. https:\/\/www.fireeye.com\/blog\/threat-research\/2020\/12\/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html."},{"key":"e_1_3_2_2_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/2034574.2034812"},{"key":"e_1_3_2_2_22_1","unstructured":"Open Networking Foundation. 2018. Intent Framework. ONOS. https:\/\/wiki.onosproject.org\/display\/ONOS\/Intent+Framework.  Open Networking Foundation. 2018. Intent Framework. ONOS. https:\/\/wiki.onosproject.org\/display\/ONOS\/Intent+Framework."},{"key":"e_1_3_2_2_23_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICDCS.2004.1281597"},{"key":"e_1_3_2_2_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/3317549.3323413"},{"key":"e_1_3_2_2_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/2342441.2342458"},{"key":"e_1_3_2_2_26_1","volume-title":"Proceedings of the ACM Workshop on Research on Enterprise Networking (WREN).","author":"Hinrichs Timothy L.","unstructured":"Timothy L. Hinrichs , N. Gude , M. Casado , John C. Mitchell , and S. Shenker . 2009. Practical declarative network management . In Proceedings of the ACM Workshop on Research on Enterprise Networking (WREN). Timothy L. Hinrichs, N. Gude, M. Casado, John C. Mitchell, and S. Shenker. 2009. Practical declarative network management. In Proceedings of the ACM Workshop on Research on Enterprise Networking (WREN)."},{"key":"e_1_3_2_2_27_1","volume-title":"Proceedings of the Network and Distributed System Security Symposium (NDSS).","author":"Hong Sungmin","unstructured":"Sungmin Hong , R. Baykov , Lei Xu , Srinath Nadimpalli , and G. Gu . 2016. Towards SDN-Defined Programmable BYOD (Bring Your Own Device) Security . In Proceedings of the Network and Distributed System Security Symposium (NDSS). Sungmin Hong, R. Baykov, Lei Xu, Srinath Nadimpalli, and G. Gu. 2016. Towards SDN-Defined Programmable BYOD (Bring Your Own Device) Security. In Proceedings of the Network and Distributed System Security Symposium (NDSS)."},{"key":"e_1_3_2_2_28_1","doi-asserted-by":"publisher","DOI":"10.1109\/MC.2015.33"},{"key":"e_1_3_2_2_29_1","volume-title":"Proceedings of the USENIX Security Symposium.","author":"Jero Samuel","year":"2017","unstructured":"Samuel Jero , William Koch , Richard Skowyra , Hamed Okhravi , Cristina Nita-Rotaru , and David Bigelow . 2017 . Identifier Binding Attacks and Defenses in Software-Defined Networks . In Proceedings of the USENIX Security Symposium. Samuel Jero, William Koch, Richard Skowyra, Hamed Okhravi, Cristina Nita-Rotaru, and David Bigelow. 2017. Identifier Binding Attacks and Defenses in Software-Defined Networks. In Proceedings of the USENIX Security Symposium."},{"key":"e_1_3_2_2_30_1","unstructured":"Akash Shah Joshua Roberts. 2019. Policy Machine Core. GitHub. https:\/\/github.com\/PM-Master\/policy-machine-core.  Akash Shah Joshua Roberts. 2019. Policy Machine Core. GitHub. https:\/\/github.com\/PM-Master\/policy-machine-core."},{"key":"e_1_3_2_2_31_1","doi-asserted-by":"crossref","DOI":"10.1109\/MCOM.2005.1561920","article-title":"Extensible authentication protocol (EAP) and IEEE 802.1x: tutorial and empirical experience","volume":"43","author":"Chen Jyh-Cheng","year":"2005","unstructured":"Jyh-Cheng Chen and Yu-Ping Wang . 2005 . Extensible authentication protocol (EAP) and IEEE 802.1x: tutorial and empirical experience . IEEE Communications Magazine 43 , 12 (2005). Jyh-Cheng Chen and Yu-Ping Wang. 2005. Extensible authentication protocol (EAP) and IEEE 802.1x: tutorial and empirical experience. IEEE Communications Magazine 43, 12 (2005).","journal-title":"IEEE Communications Magazine"},{"key":"e_1_3_2_2_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/TNET.2017.2657123"},{"key":"e_1_3_2_2_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/3450569.3463558"},{"key":"e_1_3_2_2_34_1","volume-title":"Proceedings of the USENIX Symposium on Networked Systems Design and Implementation (NSDI).","author":"Kazemian Peyman","year":"2012","unstructured":"Peyman Kazemian , George Varghese , and Nick McKeown . 2012 . Header Space Analysis: Static Checking for Networks . In Proceedings of the USENIX Symposium on Networked Systems Design and Implementation (NSDI). Peyman Kazemian, George Varghese, and Nick McKeown. 2012. Header Space Analysis: Static Checking for Networks. In Proceedings of the USENIX Symposium on Networked Systems Design and Implementation (NSDI)."},{"key":"e_1_3_2_2_35_1","volume-title":"Proceedings of the USENIX Symposium on Networked Systems Design and Implementation (NSDI).","author":"Kim Hyojoon","year":"2015","unstructured":"Hyojoon Kim , Joshua Reich , Arpit Gupta , Muhammad Shahbaz , Nick Feamster , and Russ Clark . 2015 . Kinetic: Verifiable Dynamic Network Control . In Proceedings of the USENIX Symposium on Networked Systems Design and Implementation (NSDI). Hyojoon Kim, Joshua Reich, Arpit Gupta, Muhammad Shahbaz, Nick Feamster, and Russ Clark. 2015. Kinetic: Verifiable Dynamic Network Control. In Proceedings of the USENIX Symposium on Networked Systems Design and Implementation (NSDI)."},{"key":"e_1_3_2_2_36_1","volume-title":"Lithium: Event-Driven Network Control","author":"Kim Hyojoon","year":"2012","unstructured":"Hyojoon Kim , A. Voellmy , Sam Burnett , N. Feamster , and R. Clark . 2012 . Lithium: Event-Driven Network Control . Georgia Tech Library . https:\/\/smartech.gatech.edu\/handle\/1853\/43377. Hyojoon Kim, A. Voellmy, Sam Burnett, N. Feamster, and R. Clark. 2012. Lithium: Event-Driven Network Control. Georgia Tech Library. https:\/\/smartech.gatech.edu\/handle\/1853\/43377."},{"key":"e_1_3_2_2_37_1","unstructured":"Shashi Kiran. 2015. Data-Center: Micro-segmentation: Enhancing Security and Operational Simplicity with Cisco ACI. CISCO. https:\/\/blogs.cisco.com\/datacenter\/microsegmentation.  Shashi Kiran. 2015. Data-Center: Micro-segmentation: Enhancing Security and Operational Simplicity with Cisco ACI. CISCO. https:\/\/blogs.cisco.com\/datacenter\/microsegmentation."},{"key":"e_1_3_2_2_38_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2020.24162"},{"key":"e_1_3_2_2_39_1","volume-title":"Proceedings of the USENIX Annual Technical Conference.","author":"Levin Dan","year":"2014","unstructured":"Dan Levin , Marco Canini , Stefan Schmid , Fabian Schaffert , and Anja Feldmann . 2014 . Panopticon: Reaping the Benefits of Incremental SDN Deployment in Enterprise Networks . In Proceedings of the USENIX Annual Technical Conference. Dan Levin, Marco Canini, Stefan Schmid, Fabian Schaffert, and Anja Feldmann. 2014. Panopticon: Reaping the Benefits of Incremental SDN Deployment in Enterprise Networks. In Proceedings of the USENIX Annual Technical Conference."},{"key":"e_1_3_2_2_40_1","doi-asserted-by":"publisher","DOI":"10.1109\/MILCOM.2006.302434"},{"key":"e_1_3_2_2_41_1","volume-title":"Proceedings of the IEEE Symposium on Security and Privacy (S&P).","author":"Mayer A.","unstructured":"A. Mayer , A. Wool , and E. Ziskind . 2000. Fang: a firewall analysis engine . In Proceedings of the IEEE Symposium on Security and Privacy (S&P). A. Mayer, A. Wool, and E. Ziskind. 2000. Fang: a firewall analysis engine. In Proceedings of the IEEE Symposium on Security and Privacy (S&P)."},{"key":"e_1_3_2_2_42_1","doi-asserted-by":"publisher","DOI":"10.1145\/1355734.1355746"},{"key":"e_1_3_2_2_43_1","doi-asserted-by":"publisher","DOI":"10.1145\/2995959.2995961"},{"key":"e_1_3_2_2_44_1","volume-title":"the compromised DLL file that started a sophisticated cyberattack, and how Microsoft Defender helps protect customers","author":"Defender Research Team Microsoft","year":"2020","unstructured":"Microsoft 365 Defender Research Team . 2020. Analyzing Solorigate , the compromised DLL file that started a sophisticated cyberattack, and how Microsoft Defender helps protect customers . Microsoft Threat Intelligence Center (MSTIC) . https:\/\/www.microsoft.com\/security\/blog\/ 2020 \/12\/18\/analyzing-solorigate-the-compromised-dll-file-that-started-a-sophisticated-cyberattack-and-how-microsoft-defender-helps-protect\/. Microsoft 365 Defender Research Team. 2020. Analyzing Solorigate, the compromised DLL file that started a sophisticated cyberattack, and how Microsoft Defender helps protect customers. Microsoft Threat Intelligence Center (MSTIC). https:\/\/www.microsoft.com\/security\/blog\/2020\/12\/18\/analyzing-solorigate-the-compromised-dll-file-that-started-a-sophisticated-cyberattack-and-how-microsoft-defender-helps-protect\/."},{"key":"e_1_3_2_2_45_1","volume-title":"Proceedings of the Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL).","author":"Monsanto Christopher","unstructured":"Christopher Monsanto , Nate Foster , Rob Harrison , and David P. Walker . 2012. A compiler and run-time system for network programming languages . In Proceedings of the Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL). Christopher Monsanto, Nate Foster, Rob Harrison, and David P. Walker. 2012. A compiler and run-time system for network programming languages. In Proceedings of the Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL)."},{"key":"e_1_3_2_2_46_1","volume-title":"Composing Software-Defined Networks. In USENIX Symposium on Networked Systems Design and Implementation (NSDI).","author":"Monsanto Christopher","year":"2013","unstructured":"Christopher Monsanto , Joshua Reich , Nate Foster , Jennifer Rexford , and David Walker . 2013 . Composing Software-Defined Networks. In USENIX Symposium on Networked Systems Design and Implementation (NSDI). Christopher Monsanto, Joshua Reich, Nate Foster, Jennifer Rexford, and David Walker. 2013. Composing Software-Defined Networks. In USENIX Symposium on Networked Systems Design and Implementation (NSDI)."},{"key":"e_1_3_2_2_47_1","doi-asserted-by":"publisher","DOI":"10.1109\/MNET.2019.1800324"},{"key":"e_1_3_2_2_48_1","first-page":"7","article-title":"Design of implementation of a zero trust approach to network micro-segmentation","volume":"29","author":"Mujib Muhammad","year":"2020","unstructured":"Muhammad Mujib and Riri Fitri Sari . 2020 . Design of implementation of a zero trust approach to network micro-segmentation . International JOURNAL of Advanced Science and Technology 29 , 7 (apr 2020). Muhammad Mujib and Riri Fitri Sari. 2020. Design of implementation of a zero trust approach to network micro-segmentation. International JOURNAL of Advanced Science and Technology 29, 7 (apr 2020).","journal-title":"International JOURNAL of Advanced Science and Technology"},{"key":"e_1_3_2_2_49_1","doi-asserted-by":"publisher","DOI":"10.1145\/1592681.1592684"},{"key":"e_1_3_2_2_50_1","doi-asserted-by":"publisher","DOI":"10.1145\/1592681.1592684"},{"key":"e_1_3_2_2_51_1","unstructured":"Netviews2022. 2021. Netviews Online Appendix. https:\/\/gist.github.com\/Netviews2022\/67d5265a19039e4f8c4d1733f0c02751.  Netviews2022. 2021. Netviews Online Appendix. https:\/\/gist.github.com\/Netviews2022\/67d5265a19039e4f8c4d1733f0c02751."},{"key":"e_1_3_2_2_52_1","volume-title":"Proceedings of the SoutheastCon (SECON).","author":"Neupane K.","unstructured":"K. Neupane , R. Haddad , and L. Chen . 2018. Next Generation Firewall for Network Security: A Survey . In Proceedings of the SoutheastCon (SECON). K. Neupane, R. Haddad, and L. Chen. 2018. Next Generation Firewall for Network Security: A Survey. In Proceedings of the SoutheastCon (SECON)."},{"key":"e_1_3_2_2_53_1","volume-title":"Proceedings of the Winter Simulation Conference (WSC).","author":"David","unstructured":"David M. Nicol and Vikas Mallapura. 2014. Modeling and analysis of stepping stone attacks . In Proceedings of the Winter Simulation Conference (WSC). David M. Nicol and Vikas Mallapura. 2014. Modeling and analysis of stepping stone attacks. In Proceedings of the Winter Simulation Conference (WSC)."},{"key":"e_1_3_2_2_54_1","doi-asserted-by":"publisher","DOI":"10.1145\/3185467.3185474"},{"key":"e_1_3_2_2_55_1","unstructured":"Executive Office of the President. 2022. Moving the U.S. Government Toward Zero Trust Cybersecurity Principles. Memorandum. https:\/\/www.whitehouse.gov\/wp-content\/uploads\/2022\/01\/M-22-09.pdf.  Executive Office of the President. 2022. Moving the U.S. Government Toward Zero Trust Cybersecurity Principles. Memorandum. https:\/\/www.whitehouse.gov\/wp-content\/uploads\/2022\/01\/M-22-09.pdf."},{"key":"e_1_3_2_2_56_1","doi-asserted-by":"publisher","DOI":"10.1145\/2486001.2486022"},{"key":"e_1_3_2_2_57_1","volume-title":"Zero trust architecture","author":"Rose Scott","unstructured":"Scott Rose , Oliver Borchert , Stu Mitchell , and Sean Connelly . 2019. Zero trust architecture . National Institute of Standards and Technology . https:\/\/csrc.nist.gov\/publications\/detail\/sp\/800--207\/final. Scott Rose, Oliver Borchert, Stu Mitchell, and Sean Connelly. 2019. Zero trust architecture. National Institute of Standards and Technology. https:\/\/csrc.nist.gov\/publications\/detail\/sp\/800--207\/final."},{"key":"e_1_3_2_2_58_1","doi-asserted-by":"publisher","DOI":"10.1145\/270152.270163"},{"key":"e_1_3_2_2_59_1","doi-asserted-by":"crossref","unstructured":"R. S. Sandhu E. J. Coyne H. L. Feinstein and C. E. Youman. 1996. Role-based access control models. Computer 29 2 (1996).  R. S. Sandhu E. J. Coyne H. L. Feinstein and C. E. Youman. 1996. Role-based access control models. Computer 29 2 (1996).","DOI":"10.1109\/2.485845"},{"key":"e_1_3_2_2_60_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSECP.2003.1236236"},{"key":"e_1_3_2_2_61_1","doi-asserted-by":"publisher","DOI":"10.1145\/1672308.1672333"},{"key":"e_1_3_2_2_62_1","volume-title":"Proceedings of the IEEE Symposium on Security and Privacy (S&P).","author":"Sheyner O.","unstructured":"O. Sheyner , J. Haines , S. Jha , R. Lippmann , and J.M. Wing . 2002. Automated generation and analysis of attack graphs . In Proceedings of the IEEE Symposium on Security and Privacy (S&P). O. Sheyner, J. Haines, S. Jha, R. Lippmann, and J.M. Wing. 2002. Automated generation and analysis of attack graphs. In Proceedings of the IEEE Symposium on Security and Privacy (S&P)."},{"key":"e_1_3_2_2_63_1","volume-title":"Proceedings of the IEEE INFOCOM Workshops.","author":"Sripanidkulchai K.","unstructured":"K. Sripanidkulchai , C. Issariyapat , and K. Meesublak . 2008. Inference of network-wide VLAN usage in small enterprise networks . In Proceedings of the IEEE INFOCOM Workshops. K. Sripanidkulchai, C. Issariyapat, and K. Meesublak. 2008. Inference of network-wide VLAN usage in small enterprise networks. In Proceedings of the IEEE INFOCOM Workshops."},{"key":"e_1_3_2_2_64_1","volume-title":"Proceedings of the IEEE International Symposium on Computers and Communications.","author":"Talpade R.","unstructured":"R. Talpade , G. Kim , and S. Khurana . 1999. NOMAD: traffic-based network monitoring framework for anomaly detection . In Proceedings of the IEEE International Symposium on Computers and Communications. R. Talpade, G. Kim, and S. Khurana. 1999. NOMAD: traffic-based network monitoring framework for anomaly detection. In Proceedings of the IEEE International Symposium on Computers and Communications."},{"key":"e_1_3_2_2_65_1","unstructured":"Mininet Team. 2018. Mininet An Instant Virtual Network on your Laptop (or other PC). http:\/\/mininet.org\/.  Mininet Team. 2018. Mininet An Instant Virtual Network on your Laptop (or other PC). http:\/\/mininet.org\/."},{"key":"e_1_3_2_2_66_1","volume-title":"Reigns to the Cloud: Compromising Cloud Systems via the Data Plane. CoRR abs\/1610.08717","author":"Thimmaraju Kashyap","year":"2016","unstructured":"Kashyap Thimmaraju , Bhargava Shastry , Tobias Fiebig , Felicitas Hetzelt , Jean-Pierre Seifert , Anja Feldmann , and Stefan Schmid . 2016. Reigns to the Cloud: Compromising Cloud Systems via the Data Plane. CoRR abs\/1610.08717 ( 2016 ). Kashyap Thimmaraju, Bhargava Shastry, Tobias Fiebig, Felicitas Hetzelt, Jean-Pierre Seifert, Anja Feldmann, and Stefan Schmid. 2016. Reigns to the Cloud: Compromising Cloud Systems via the Data Plane. CoRR abs\/1610.08717 (2016)."},{"key":"e_1_3_2_2_67_1","doi-asserted-by":"publisher","DOI":"10.1145\/3205977.3206000"},{"key":"e_1_3_2_2_68_1","volume-title":"BeyondCorp: A New Approach to Enterprise Security. ;login: 39, 6","author":"Ward Rory","year":"2014","unstructured":"Rory Ward and Betsy Beyer . 2014. BeyondCorp: A New Approach to Enterprise Security. ;login: 39, 6 ( 2014 ). Rory Ward and Betsy Beyer. 2014. BeyondCorp: A New Approach to Enterprise Security. ;login: 39, 6 (2014)."},{"key":"e_1_3_2_2_69_1","volume-title":"A quantitative study of firewall configuration errors. Computer 37, 6","author":"Wool A.","year":"2004","unstructured":"A. Wool . 2004. A quantitative study of firewall configuration errors. Computer 37, 6 ( 2004 ). A. Wool. 2004. A quantitative study of firewall configuration errors. Computer 37, 6 (2004)."},{"key":"e_1_3_2_2_70_1","volume-title":"Enabling security functions with SDN: A feasibility study. Computer Networks 85","author":"Yoon Changhoon","year":"2015","unstructured":"Changhoon Yoon , Taejune Park , Seungsoo Lee , Heedo Kang , Seungwon Shin , and Zonghua Zhang . 2015. Enabling security functions with SDN: A feasibility study. Computer Networks 85 ( 2015 ). Changhoon Yoon, Taejune Park, Seungsoo Lee, Heedo Kang, Seungwon Shin, and Zonghua Zhang. 2015. Enabling security functions with SDN: A feasibility study. Computer Networks 85 (2015)."},{"key":"e_1_3_2_2_71_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2017.23200"},{"key":"e_1_3_2_2_72_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2020.24007"},{"key":"e_1_3_2_2_73_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-00470-5_8"}],"event":{"name":"SACMAT '22: The 27th ACM Symposium on Access Control Models and Technologies","location":"New York NY USA","acronym":"SACMAT '22","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 27th ACM on Symposium on Access Control Models and Technologies"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3532105.3535029","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3532105.3535029","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3532105.3535029","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T18:09:14Z","timestamp":1750183754000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3532105.3535029"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,6,7]]},"references-count":73,"alternative-id":["10.1145\/3532105.3535029","10.1145\/3532105"],"URL":"https:\/\/doi.org\/10.1145\/3532105.3535029","relation":{},"subject":[],"published":{"date-parts":[[2022,6,7]]},"assertion":[{"value":"2022-06-08","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}