We describe a secure network virtualization framework that helps realize the abstraction of Trusted Virtual Domains (TVDs), a security-enhanced variant of virtualized network zones. The framework allows groups of related virtual machines running on separate physical machines to be connected together as though they were on their own separate network fabric and, at the same time, helps enforce cross-group security requirements such as isolation, confidentiality, security, and information flow control. The framework uses existing network virtualization technologies, such as Ethernet encapsulation, VLAN tagging, and VPNs, and combines and orchestrates them appropriately to implement TVDs. Our framework aims at automating the instantiation and deployment of the appropriate security mechanism and network virtualization technologies based on an input security model that specifies the required level of isolation and permitted network flows. We have implemented a prototype of the framework based on the Xen hypervisor. Experimental evaluation of the prototype shows that the performance of our virtual networking extensions is comparable to that of the standard Xen configuration.