Transparent identity-based firewall transition for eScience

Wiebelitz, Jan; Piger, Stefan; Kunz, Christopher; Grimm, Christian

doi:10.1109/esciw.2009.5407985

Cited by 5 publications

(1 citation statement)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…al [8] proposed a new concept for dynamic firewall operation including the use of TCP three-way handshake for the users authentication information needed by dynamic firewall operation. The firewall utilizes this information in-order to authorize the connections established during the sessions based on user's proven identity.…”

Section: Related Workmentioning

confidence: 99%

A 5-Level Security Approach for Data Storage in Cloud

Kotiyal¹,

Saxena²,

Goudar³

et al. 2012

IJCA

View full text Add to dashboard Cite

Everyone in the IT world is bustling with the cloud computing concept. Conversing about the catchphrase cloud, the terms like virtualization, resources, elasticity, security, pay per use basis hit the mind. A key stumbling block of motivating the IT sector towards cloud ethnicity is the lack of conviction on security. The cloud provider, in turn, also needs to insist on authoritarian of the security policies, making trust on the clients. To improve the mutual trust between costumer and cloud provider, a well-understood trust foundation needs to be in place. Keeping in mind this paper presents a new approach to provide five level securities to the data stored and accessed by the cloud user. In cloud, the data of the individual or an organization is stored tenuously and the client does not have any control over it, hence the security becomes a major dilemma. Keeping in mind of the security required, this paper introduces a strong authentication, confidentiality and integrity mechanisms for storing the data of client at the data center. The modernization of this method is to place identity and information separately on different level thus providing five -level security which have no direct communication between them, all working at different places.

show abstract

Section: Related Workmentioning

confidence: 99%

A 5-Level Security Approach for Data Storage in Cloud

Kotiyal¹,

Saxena²,

Goudar³

et al. 2012

IJCA

View full text Add to dashboard Cite

show abstract

Enhancing HPC security with a user-based firewall

Prout

Arcand

Bestor

et al. 2016

2016 IEEE High Performance Extreme Computing Conference (HPEC)

View full text Add to dashboard Cite

Abstract-High Performance Computing (HPC) systems traditionally allow their users unrestricted use of their internal network. While this network is normally controlled enough to guarantee privacy without the need for encryption, it does not provide a method to authenticate peer connections. Protocols built upon this internal network, such as those used in MPI, Lustre, Hadoop, or Accumulo, must provide their own authentication at the application layer. Many methods have been employed to perform this authentication, such as operating system privileged ports, Kerberos, munge, TLS, and PKI certificates. However, support for all of these methods requires the HPC application developer to include support and the user to configure and enable these services. The user-based firewall capability we have prototyped enables a set of rules governing connections across the HPC internal network to be put into place using Linux netfilter. By using an operating system-level capability, the system is not reliant on any developer or user actions to enable security. The rules we have chosen and implemented are crafted to not impact the vast majority of users and be completely invisible to them. Additionally, we have measured the performance impact of this system under various workloads.

show abstract