Risk-based Decision for a Distributed and Cooperative network policy in Cloud Computing

被引:0
作者
Kamoun-Abid, Ferdaous [1 ]
Meddeb-Makhlouf, Amel [1 ]
Zarai, Faouzi [1 ]
机构
[1] Univ Sfax, ENETCOM, NTSCom Res Unit, Sfax, Tunisia
来源
2018 14TH INTERNATIONAL WIRELESS COMMUNICATIONS & MOBILE COMPUTING CONFERENCE (IWCMC) | 2018年
关键词
Cloud Computing; Access control; XACML; Risk; Distributed and Cooperative Firewall; Network-based policy;
D O I
暂无
中图分类号
TM [电工技术]; TN [电子技术、通信技术];
学科分类号
0808 ; 0809 ;
摘要
The distribution's feature of cloud computing and the increasing threat of attacks and malicious activities make necessary the use of distributed firewalls to control access to networks. Network-based access management and control is an essential research challenge to enhance the security of the cloud network. We propose, in this paper the use of risk-based access decisions in a distributed and cooperative firewall topology. The proposed model is based on a combination of eXtensible Access Control Markup Language (XACML) decisions and risk-based network access control in the cloud. For proof, we simulate cloud network using the NeSSi2 tool. The obtained results are promising in term of delay and blocking rate
引用
收藏
页码:1161 / 1166
页数:6
相关论文
共 10 条
  • [1] Network-level Access Control Management for the Cloud
    Beaty, Kirk
    Kundu, Ashish
    Naik, Vijay
    Acharya, Arup
    [J]. PROCEEDINGS OF THE 2013 IEEE INTERNATIONAL CONFERENCE ON CLOUD ENGINEERING (IC2E 2013), 2013, : 98 - 107
  • [2] An East-West interface for distributed SDN control plane: Implementation and evaluation
    Benamrane, Fouad
    Ben Mamoun, Mouad
    Benaini, Redouane
    [J]. COMPUTERS & ELECTRICAL ENGINEERING, 2017, 57 : 162 - 175
  • [3] Decision Diagrams for XACML Policy Evaluation and Management
    Canh Ngo
    Demchenko, Yuri
    de Laat, Cees
    [J]. COMPUTERS & SECURITY, 2015, 49 : 1 - 16
  • [4] An intelligent security architecture for distributed firewalling environments
    De Santis, Alfredo
    Castiglione, Aniello
    Fiore, Ugo
    Palmieri, Francesco
    [J]. JOURNAL OF AMBIENT INTELLIGENCE AND HUMANIZED COMPUTING, 2013, 4 (02) : 223 - 234
  • [5] A framework and risk assessment approaches for risk-based access control in the cloud
    dos Santos, Daniel Ricardo
    Marinho, Roberto
    Schmitt, Gustavo Roecker
    Westphall, Carla Merkle
    Westphall, Carlos Becker
    [J]. JOURNAL OF NETWORK AND COMPUTER APPLICATIONS, 2016, 74 : 86 - 97
  • [6] Elsayed W., 2016, 1 INT C ADV INT SYST, P511
  • [7] Pisharody S., 2017, IEEE T DEPENDABLE SE
  • [8] Application-level Simulation for Network Security
    Schmidt, Stephan
    Bye, Rainer
    Chinnow, Joel
    Bsufka, Karsten
    Camtepe, Ahmet
    Albayrak, Sahin
    [J]. SIMULATION-TRANSACTIONS OF THE SOCIETY FOR MODELING AND SIMULATION INTERNATIONAL, 2010, 86 (5-6): : 311 - 330
  • [9] Shin S H., 2012, 14th Asia-Pacific Network Operations and Management Symposium: "Management in the Big Data and IoT Era", APNOMS 2012 - Final Program, P1, DOI [DOI 10.1109/ICNP.2012.6459946, 10.1109/APNOMS.2012.6356067, DOI 10.1109/APNOMS.2012.6356067]
  • [10] Sticky policies approach within cloud computing
    Spyra, Grzegorz
    Buchanan, William J.
    Ekonomou, Elias
    [J]. COMPUTERS & SECURITY, 2017, 70 : 366 - 375
1