Transparent network services via a virtual traffic layer for virtual machines
Proceedings of the 16th international symposium on High performance distributed computing
A Reliable and Fast Data Transfer for Grid Systems Using a Dynamic Firewall Configuration
Euro-Par 2008 Workshops - Parallel Processing
Optimizing tunneled grid connectivity across firewalls
AusGrid '09 Proceedings of the Seventh Australasian Symposium on Grid Computing and e-Research - Volume 99
IP over P2P: enabling self-configuring virtual IP networks for grid computing
IPDPS'06 Proceedings of the 20th international conference on Parallel and distributed processing
A virtual network (ViNe) architecture for grid computing
IPDPS'06 Proceedings of the 20th international conference on Parallel and distributed processing
Private virtual cluster: infrastructure and protocol for instant grids
Euro-Par'06 Proceedings of the 12th international conference on Parallel Processing
Maintaining high performance communication under least privilege using dynamic perimeter control
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Hi-index | 0.00 |
Firewalls and network address translators (NATs) cause significant connectivity problems along with benefits such as network protection and easy address planning. Connectivity problems make nodes separated by a firewall/NAT unable to communicate with each other. Due to the bidirectional and multi-organizational nature of grids, they are particularly susceptible to connectivity problems. These problems make collaboration difficult or impossible and cause resources to be wasted. This paper presents a system, called CODO, which provides applications end-to-end connectivity over firewalls/NATs in a secure way. CODO allows applications authorized through strong security mechanisms to traverse firewalls/NATs, while blocking unauthorized applications. This paper also formalizes the firewall/NAT traversal problem and clarifies how a traversal system fits in the overall security policy enforcement by a firewall/NAT.