Internet indirection infrastructure
Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
Design and implementation of a routing control platform
NSDI'05 Proceedings of the 2nd conference on Symposium on Networked Systems Design & Implementation - Volume 2
A policy-aware switching layer for data centers
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Dcell: a scalable and fault-tolerant network structure for data centers
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
VL2: a scalable and flexible data center network
Proceedings of the ACM SIGCOMM 2009 conference on Data communication
BCube: a high performance, server-centric network architecture for modular data centers
Proceedings of the ACM SIGCOMM 2009 conference on Data communication
Enhancing dynamic cloud-based services using network virtualization
Proceedings of the 1st ACM workshop on Virtualized infrastructure systems and architectures
Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds
Proceedings of the 16th ACM conference on Computer and communications security
HyperSafe: A Lightweight Approach to Provide Lifetime Hypervisor Control-Flow Integrity
SP '10 Proceedings of the 2010 IEEE Symposium on Security and Privacy
The case for enterprise-ready virtual private clouds
HotCloud'09 Proceedings of the 2009 conference on Hot topics in cloud computing
CloudNaaS: a cloud networking platform for enterprise applications
Proceedings of the 2nd ACM Symposium on Cloud Computing
Building access oblivious storage cloud for enterprise
Hot-ICE'12 Proceedings of the 2nd USENIX conference on Hot Topics in Management of Internet, Cloud, and Enterprise Networks and Services
Proceedings of the International Conference on Advances in Computing, Communications and Informatics
Host-based multi-tenant technology for scalable data center networks
Proceedings of the eighth ACM/IEEE symposium on Architectures for networking and communications systems
Portable tunnel establishment with a strong authentication design for secure private cloud
Proceedings of the 2012 ACM Research in Applied Computation Symposium
Designing a Secure Cloud Architecture: The SeCA Model
International Journal of Information Security and Privacy
Robust and flexible tunnel management for secure private cloud
ACM SIGAPP Applied Computing Review
Hi-index | 0.00 |
Despite the rapid development in the field of cloud computing, security is still one of the major hurdles to cloud computing adoption. Most cloud services (e.g. Amazon EC2) are offered at low cost without much protection to users. At the other end of the spectrum, highly secured cloud services (e.g. Google "government cloud") are offered at much higher cost by using isolated hardware, facility, and administrators with security clearance. In this paper, we explore the "middle ground", where users can still share physical hardware resource, but user networks are isolated and accesses are controlled in the way similar to that in enterprise networks. We believe this covers the need for most enterprise and individual users. We propose an architecture that takes advantage of network virtualization and centralized controller. This architecture overcomes scalability limitations of prior solutions based on VLANs, and enables users to customize security policy settings the same way they control their on-site network.