2010
DOI: 10.3233/jcs-2010-0376
|View full text |Cite
|
Sign up to set email alerts
|

Towards automated security policy enforcement in multi-tenant virtual data centers

Abstract: Virtual data centers allow the hosting of virtualized infrastructures (networks, storage, machines) that belong to several customers on the same physical infrastructure. Virtualization theoretically provides the capability for sharing the infrastructure among different customers. In reality, however, this is rarely (if ever) done because of security concerns. A major challenge in allaying such concerns is the enforcement of appropriate customer isolation as specified by high-level security policies. At the cor… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

0
21
0
1

Year Published

2010
2010
2015
2015

Publication Types

Select...
6
2

Relationship

2
6

Authors

Journals

citations
Cited by 22 publications
(22 citation statements)
references
References 23 publications
0
21
0
1
Order By: Relevance
“…Also, the data center industry is using architecture that automates a virtual infrastructure while automatically applying relevant security mechanisms associated with information-exchange policy (Cabuk et al 2010). These applications are interesting because they provide examples of some challenges related to the release of information based on levels of trust and operational context; translating legislative mandates, policy, and information-sharing agreements; and transforming information-exchange policies into system-enforceable rules.…”
Section: Enforcement Of Information-exchange Policymentioning
confidence: 98%
“…Also, the data center industry is using architecture that automates a virtual infrastructure while automatically applying relevant security mechanisms associated with information-exchange policy (Cabuk et al 2010). These applications are interesting because they provide examples of some challenges related to the release of information based on levels of trust and operational context; translating legislative mandates, policy, and information-sharing agreements; and transforming information-exchange policies into system-enforceable rules.…”
Section: Enforcement Of Information-exchange Policymentioning
confidence: 98%
“…Different virtual machines can run different operating systems and multiple applications on the same physical computer. As many organizations are leaping aboard the virtualization bandwagon now [5,6], they need the management tools to run those machines and support a wide selection of applications and infrastructure services their businesses depend on. The ability to build a virtual infrastructure with a proven platform that scales across hundreds of interconnected physical computers and storage devices is critical to successful management of any data center.…”
Section: Problem 3: Danger Associated With Shared Resourcesmentioning
confidence: 99%
“…Notwithstanding that some features of virtualization can enhance security, many unknown threats are troublesome and dealing with the unknowns can be risky [4]. A popular way to cope with complexities of virtualization involves extensive automation of processes [5]. While automation offers some degree of promise, it requires a well thought-out and effective security policy in place to drive the automation.…”
Section: Introductionmentioning
confidence: 99%
See 1 more Smart Citation
“…For example, Cabuk et al (Cabuk et al (2010)) presented prototype of automated security policy enforcement for multi-tenancy based on the concept of Trusted Virtual Domains (TVDs). Their approach allows to group VMs belonging to a specific tenant dispersed across multiple Xen Hypervisor into a TVD zone.…”
Section: Research Isolation Approachesmentioning
confidence: 99%