Software-Defined Network Security over OpenStack Clouds: A Systematic Analysis

被引：1

作者：

Lane, Nicolas P. ^{[1
]}

Koslovski, Guilherme P. ^{[1
]}

Pillon, Mauricio A. ^{[1
]}

Miers, Charles C. ^{[1
]}

Gonzalez, Nelson M. ^{[2
]}

机构：

[1] Santa Catarina State Univ UDESC, Grad Program Appl Comp PPGCA, Florianopolis, SC, Brazil

[2] IBM Watson Res Ctr, Yorktown Highs, NY USA

来源：

PROCEEDINGS OF THE 10TH INTERNATIONAL CONFERENCE ON CLOUD COMPUTING AND SERVICES SCIENCE (CLOSER) | 2020年

关键词：

Cloud Computing; OpenStack; Security; Openflow;

D O I：

10.5220/0009471304230429

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Cloud computing infrastructure is an enticing target for malicious activity due to its network and compute capacity. Several studies focus on different aspects of cloud security from the client (tenant) side, leaving a gap regarding the cloud provider's infrastructure perspective. To address this gap, this study conducts a systematic review of the literature on OpenStack, the most adopted open source cloud operating system. We present a qualitative assessment of security vulnerabilities related do Openflow usage on OpenStack network management. Based on this analysis we identify a critical vulnerability which affects the cloud infrastructure via Software-Defined Networks. This reveals the urge for having more studies focusing on the provider's infrastructure side and associated tools and technologies.

引用

页码：423 / 429

页数：7

共 46 条

[1] OpenFlow Communications and TLS Security in Software-Defined Networks [J].

Agborubere, Belema ;

Sanchez-Velazquez, Erika .

2017 IEEE INTERNATIONAL CONFERENCE ON INTERNET OF THINGS (ITHINGS) AND IEEE GREEN COMPUTING AND COMMUNICATIONS (GREENCOM) AND IEEE CYBER, PHYSICAL AND SOCIAL COMPUTING (CPSCOM) AND IEEE SMART DATA (SMARTDATA), 2017, :560-566

[2]

[Anonymous], 2016, ENHANCING SECURITY O

[3] IaaS Platforms: How Secure Are They? [J].

Astrova, Irina ;

Koschel, Arne ;

Henke, Mats Lennart .

IEEE 30TH INTERNATIONAL CONFERENCE ON ADVANCED INFORMATION NETWORKING AND APPLICATIONS WORKSHOPS (WAINA 2016), 2016, :843-848

[4] Data Protection in OpenStack [J].

Benjamin, Bruce ;

Coffman, Joel ;

Esiely-Barrera, Hadi ;

Farr, Kaitlin ;

Fichter, Dane ;

Genin, Daniel ;

Glendenning, Laura ;

Hamilton, Peter ;

Harshavardhana, Shaku ;

Hom, Rosalind ;

Poulos, Brianna ;

Reller, Nathan .

2017 IEEE 10TH INTERNATIONAL CONFERENCE ON CLOUD COMPUTING (CLOUD), 2017, :560-567

[5]

Benton K., 2013, OPENFLOW VULNERABILI, P151

[6] Review on Software-Defined Networking: Architectures and Threats [J].

Bhatia, Sanchita ;

Nathani, Kanak ;

Sharma, Vishal .

INFORMATION SYSTEMS DESIGN AND INTELLIGENT APPLICATIONS, INDIA 2017, 2018, 672 :1003-1011

[7]

Brooks M., 2015, Proceedings of the 4th Annual ACM Conference on Research in Information Technology - RIIT'15, P45, DOI [10.1145/2808062, DOI 10.1145/2808062]

[8]

Carlsson A, 2015, 2015 SECOND INTERNATIONAL SCIENTIFIC-PRACTICAL CONFERENCE PROBLEMS OF INFOCOMMUNICATIONS SCIENCE AND TECHNOLOGY (PIC S&T 2015), P245, DOI 10.1109/INFOCOMMST.2015.7357325

[9] NICE: Network Intrusion Detection and Countermeasure Selection in Virtual Network Systems [J].

Chung, Chun-Jen ;

Khatkar, Pankaj ;

Xing, Tianyi ;

Lee, Jeongkeun ;

Huang, Dijiang .

IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2013, 10 (04) :198-211

[10]

Cloud Security Alliance (CSA), 2017, SECURITY GUIDANCE CR

← 1 2 3 4 5 →