The Role and Security of Firewalls in IaaS Cloud Computing

2015 10th International Conference on Availability, Reliability and Security Pub Date : 2015-08-24 DOI:10.1109/ARES.2015.50

Jordan Cropper, Johanna Ullrich, P. Frühwirt, E. Weippl

{"title":"The Role and Security of Firewalls in IaaS Cloud Computing","authors":"Jordan Cropper, Johanna Ullrich, P. Frühwirt, E. Weippl","doi":"10.1109/ARES.2015.50","DOIUrl":null,"url":null,"abstract":"Cloud computing is playing an ever larger role in the IT infrastructure. The migration into the cloud means that we must rethink and adapt our security measures. Ultimately, both the cloud provider and the customer have to accept responsibilities to ensure security best practices are followed. Firewalls are one of the most critical security features. Most IaaS providers make firewalls available to their customers. In most cases, the customer assumes a best-case working scenario which is often not assured. In this paper, we studied the filtering behavior of firewalls provided by five different cloud providers. We found that three providers have firewalls available within their infrastructure. Based on our findings, we developed an open-ended firewall monitoring tool which can be used by cloud customers to understand the firewall's filtering behavior. This information can then be efficiently used for risk management and further security considerations. Measuring today's firewalls has shown that they perform well for the basics, although may not be fully featured considering fragmentation or stateful behavior.","PeriodicalId":331539,"journal":{"name":"2015 10th International Conference on Availability, Reliability and Security","volume":"65 8","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-08-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"13","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 10th International Conference on Availability, Reliability and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ARES.2015.50","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 13

Abstract

Cloud computing is playing an ever larger role in the IT infrastructure. The migration into the cloud means that we must rethink and adapt our security measures. Ultimately, both the cloud provider and the customer have to accept responsibilities to ensure security best practices are followed. Firewalls are one of the most critical security features. Most IaaS providers make firewalls available to their customers. In most cases, the customer assumes a best-case working scenario which is often not assured. In this paper, we studied the filtering behavior of firewalls provided by five different cloud providers. We found that three providers have firewalls available within their infrastructure. Based on our findings, we developed an open-ended firewall monitoring tool which can be used by cloud customers to understand the firewall's filtering behavior. This information can then be efficiently used for risk management and further security considerations. Measuring today's firewalls has shown that they perform well for the basics, although may not be fully featured considering fragmentation or stateful behavior.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

防火墙在IaaS云计算中的作用与安全性

云计算在IT基础设施中扮演着越来越重要的角色。向云的迁移意味着我们必须重新考虑和调整我们的安全措施。最终，云提供商和客户都必须承担责任，确保遵循安全最佳实践。防火墙是最关键的安全特性之一。大多数IaaS提供商都向其客户提供防火墙。在大多数情况下，客户会假设一个最佳情况的工作场景，而这通常是不确定的。在本文中，我们研究了五个不同的云提供商提供的防火墙的过滤行为。我们发现有三家提供商在其基础设施中提供了可用的防火墙。基于我们的发现，我们开发了一个开放式防火墙监控工具，云客户可以使用它来了解防火墙的过滤行为。然后，这些信息可以有效地用于风险管理和进一步的安全考虑。对当今防火墙的测量表明，它们在基本方面表现良好，尽管考虑到碎片或有状态行为，它们可能没有完全发挥功能。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

2015 10th International Conference on Availability, Reliability and Security

自引率

0.00%

发文量