{"title":"通过SDN提升云场景下的网络安全性","authors":"Sebastian Seeber, G. Rodosek","doi":"10.1109/CNSM.2014.7014198","DOIUrl":null,"url":null,"abstract":"The recent emergence of cloud enabled applications raises security concerns increasingly, since more and more personal and company data is outsourced. The security of single systems and services was broadly treated in the past. Cloud systems and services require a more detailed observation of their security requirements and fulfillment, since a huge amount of services and systems coexist on one virtualization layer without knowing other systems on the same layer. Only the cloud provider has a rare idea of these systems' behavior in his own cloud environment. Therefore this work proposes a network security approach which is aware of all existing systems and services hosted by at least one cloud provider. The main idea is to maintain a logically centralized database that provides latest security related information about each system or service. Using this knowledge base, our approach ponders a systems' security score, security requirements given by the systems' owners and the cloud provider, and reconfigures the network accordingly to meet the security requirements for every system. In addition, the reconfiguration process can be used to redirect traffic to additional security systems, in order to obtain more detailed information about a system and therefore increase the accuracy of the specific systems' security score.","PeriodicalId":268334,"journal":{"name":"10th International Conference on Network and Service Management (CNSM) and Workshop","volume":"27 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"18","resultStr":"{\"title\":\"Improving network security through SDN in cloud scenarios\",\"authors\":\"Sebastian Seeber, G. Rodosek\",\"doi\":\"10.1109/CNSM.2014.7014198\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The recent emergence of cloud enabled applications raises security concerns increasingly, since more and more personal and company data is outsourced. The security of single systems and services was broadly treated in the past. Cloud systems and services require a more detailed observation of their security requirements and fulfillment, since a huge amount of services and systems coexist on one virtualization layer without knowing other systems on the same layer. Only the cloud provider has a rare idea of these systems' behavior in his own cloud environment. Therefore this work proposes a network security approach which is aware of all existing systems and services hosted by at least one cloud provider. The main idea is to maintain a logically centralized database that provides latest security related information about each system or service. Using this knowledge base, our approach ponders a systems' security score, security requirements given by the systems' owners and the cloud provider, and reconfigures the network accordingly to meet the security requirements for every system. In addition, the reconfiguration process can be used to redirect traffic to additional security systems, in order to obtain more detailed information about a system and therefore increase the accuracy of the specific systems' security score.\",\"PeriodicalId\":268334,\"journal\":{\"name\":\"10th International Conference on Network and Service Management (CNSM) and Workshop\",\"volume\":\"27 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2014-11-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"18\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"10th International Conference on Network and Service Management (CNSM) and Workshop\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CNSM.2014.7014198\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"10th International Conference on Network and Service Management (CNSM) and Workshop","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CNSM.2014.7014198","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Improving network security through SDN in cloud scenarios
The recent emergence of cloud enabled applications raises security concerns increasingly, since more and more personal and company data is outsourced. The security of single systems and services was broadly treated in the past. Cloud systems and services require a more detailed observation of their security requirements and fulfillment, since a huge amount of services and systems coexist on one virtualization layer without knowing other systems on the same layer. Only the cloud provider has a rare idea of these systems' behavior in his own cloud environment. Therefore this work proposes a network security approach which is aware of all existing systems and services hosted by at least one cloud provider. The main idea is to maintain a logically centralized database that provides latest security related information about each system or service. Using this knowledge base, our approach ponders a systems' security score, security requirements given by the systems' owners and the cloud provider, and reconfigures the network accordingly to meet the security requirements for every system. In addition, the reconfiguration process can be used to redirect traffic to additional security systems, in order to obtain more detailed information about a system and therefore increase the accuracy of the specific systems' security score.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
