{"title":"Secured architecture for inter-VM traffic in a Cloud environment","authors":"Karim Benzidane, Saad Khoudali, A. Sekkaki","doi":"10.1109/LatinCloud.2013.6842218","DOIUrl":null,"url":null,"abstract":"Cloud Computing (CC) is a large-scale distributed computing paradigm that is driven by economies of scale, in which a pool of abstracted, virtualized, dynamically-scalable, managed computing power, storage, platforms, and services are delivered on demand to external customers over the Internet. On the other hand, one of the key enablers for building Cloud environments is Virtualization. It offers a great level of efficiency and scalability that makes the complex processing of the Cloud possible. However, with these advantages come certain limitations, especially in relation to security. Virtualization vulnerabilities and more specifically isolation, creates new targets for intrusion due to the complexity of access and difficulty in monitoring all interconnection points between systems, applications, and data sets. Hence, without strict controls put in place within the Cloud, guests could violate and bypass security policies, intercept unauthorized client data, and initiate or become the target of security attacks. This article discusses the security and the visibility issues of inter-VM traffic, by proposing a solution for it within the Cloud context. The proposed approach provides Virtual Machines (VMs) authentication, communication integrity, and enforces trusted transactions, through security mechanisms, structures, policies, and various intrusion detection techniques.","PeriodicalId":344490,"journal":{"name":"2nd IEEE Latin American Conference on Cloud Computing and Communications","volume":"21 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"8","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2nd IEEE Latin American Conference on Cloud Computing and Communications","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/LatinCloud.2013.6842218","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 8
Abstract
Cloud Computing (CC) is a large-scale distributed computing paradigm that is driven by economies of scale, in which a pool of abstracted, virtualized, dynamically-scalable, managed computing power, storage, platforms, and services are delivered on demand to external customers over the Internet. On the other hand, one of the key enablers for building Cloud environments is Virtualization. It offers a great level of efficiency and scalability that makes the complex processing of the Cloud possible. However, with these advantages come certain limitations, especially in relation to security. Virtualization vulnerabilities and more specifically isolation, creates new targets for intrusion due to the complexity of access and difficulty in monitoring all interconnection points between systems, applications, and data sets. Hence, without strict controls put in place within the Cloud, guests could violate and bypass security policies, intercept unauthorized client data, and initiate or become the target of security attacks. This article discusses the security and the visibility issues of inter-VM traffic, by proposing a solution for it within the Cloud context. The proposed approach provides Virtual Machines (VMs) authentication, communication integrity, and enforces trusted transactions, through security mechanisms, structures, policies, and various intrusion detection techniques.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
