Proceedings of the 14th ACM Conference on Computer and Communications Security 2007
DOI: 10.1145/1315245.1315275
|View full text |Cite
|
Sign up to set email alerts
|

Towards automated provisioning of secure virtualized networks

Abstract: We describe a secure network virtualization framework that helps realize the abstraction of Trusted Virtual Domains (TVDs), a security-enhanced variant of virtualized network zones. The framework allows groups of related virtual machines running on separate physical machines to be connected together as though there were on their own separate network fabric and, at the same time, helps enforce crossgroup security requirements such as isolation, confidentiality, security, and information flow control. The framew… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

0
30
0
1

Year Published

2010
2010
2016
2016

Publication Types

Select...
5
2
1

Relationship

0
8

Authors

Journals

citations
Cited by 40 publications
(31 citation statements)
references
References 16 publications
0
30
0
1
Order By: Relevance
“…This type of attack, often referred to as "eavesdropping" or "sniffing", may lead to theft of confidential information [4,5,20]. Wu et al [20], specifically, mention ARP table poisoning as a means of achieving this.…”
Section: Information Interceptionmentioning
confidence: 99%
See 2 more Smart Citations
“…This type of attack, often referred to as "eavesdropping" or "sniffing", may lead to theft of confidential information [4,5,20]. Wu et al [20], specifically, mention ARP table poisoning as a means of achieving this.…”
Section: Information Interceptionmentioning
confidence: 99%
“…In addition to dealing with unauthorized disclosure, Cabuk et al [5] and Wu et al [20] also describe threats related to deception in virtual network environments. Specifically, virtual entities may inject malicious messages into a virtual network, and deceive others into believing that such messages came from another entity.…”
Section: Identity Fraudmentioning
confidence: 99%
See 1 more Smart Citation
“…There are also some uncommon metrics, such as, the number of active physical nodes [16], delay [41], total allocated bandwidth [37], throughput [41,[48][49][50][51][52][53][54][55][56][57][58][59][60][61][62], etc.…”
Section: Acceptance Ratio Of Vnsmentioning
confidence: 99%
“…On the other hand it requires the orchestration of multiple functions of different entities to supply a (virtual) machine with an HBA, making it harder to describe a (virtual) machine's setup. Similar problems arise when creating virtual networks across large infrastructures, as described in [5], that describes a method for instantiating and deploying security and isolation mechanisms in virtualized environments. Rooney et al describe a method for automatic VLAN creation, based on on-line measurement [11], while [3] describes a resource provisioning scheme regarding resource availability.…”
Section: Introductionmentioning
confidence: 95%