Freenet: a distributed anonymous information storage and retrieval system
International workshop on Designing privacy enhancing technologies: design issues in anonymity and unobservability
SOSP '01 Proceedings of the eighteenth ACM symposium on Operating systems principles
Integrating Flexible Support for Security Policies into the Linux Operating System
Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference
Xen and the art of virtualization
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Terra: a virtual machine-based platform for trusted computing
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Attestation-based policy enforcement for remote access
Proceedings of the 11th ACM conference on Computer and communications security
SVGrid: a secure virtual environment for untrusted grid applications
MGC '05 Proceedings of the 3rd international workshop on Middleware for grid computing
Shamon: A System for Distributed Mandatory Access Control
ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
VTDC '06 Proceedings of the 2nd International Workshop on Virtualization Technology in Distributed Computing
Trusted virtual domains: toward secure distributed services
HotDep'05 Proceedings of the First conference on Hot topics in system dependability
| Hi-index | 0.00 |
Virtual Interacting Network CommunIty (Vinci) is an abstract architecture to share in a secure way an ICT infrastructure among several user communities, each with its own applications and security requirements. To each community, Vinci allocates a network of virtual machines (VMs) that is mapped onto the computational and communication resources of the infrastructure. Each network includes several kinds of VMs. Application VMs (APP-VMs) run applications and stores information shared within a community. File system VM (FS-VMs) store and protect files shared among communities by applying a combination of MAC and Multi-Level Security (MLS) policies. A firewall VM (FW-VM) is a further kind of VM that, according to the security policy of each community, protects information private to a community transmitted across an untrusted network or controls the information exchanged with other communities. The last kind of VM is the administrative VM (A-VM) that configures and manages the other VMs in a community as well as the resources of each physical node and it also assures the integrity of all the VMs. After describing the overall Vinci architecture, we present and discuss the implementation and the performance of a first prototype.