Collaborative Network Security in Multi-Tenant Data Center for Cloud Computing | |
Zhen Chen ; Wenyu Dong ; Hang Li ; Peng Zhang ; Xinming Chen ; Junwei Cao ; Zhen Chen ; Wenyu Dong ; Hang Li ; Peng Zhang ; Xinming Chen ; Junwei Cao | |
2016-03-30 ; 2016-03-30 | |
关键词 | data center network network security software defined network collaborative network security multitenant network virtualization intelligent flow processing cloud computing TP393.08 |
其他题名 | Collaborative Network Security in Multi-Tenant Data Center for Cloud Computing |
中文摘要 | A data center is an infrastructure that supports Internet service. Cloud computing is rapidly changing the face of the Internet service infrastructure, enabling even small organizations to quickly build Web and mobile applications for millions of users by taking advantage of the scale and flexibility of shared physical infrastructures provided by cloud computing. In this scenario, multiple tenants save their data and applications in shared data centers, blurring the network boundaries between each tenant in the cloud. In addition, different tenants have different security requirements, while different security policies are necessary for different tenants. Network virtualization is used to meet a diverse set of tenant-specific requirements with the underlying physical network, enabling multi-tenant datacenters to automatically address a large and diverse set of tenants requirements. In this paper, we propose the system implementation of vCNSMS, a collaborative network security prototype system used in a multi-tenant data center. We demonstrate vCNSMS with a centralized collaborative scheme and deep packet inspection with an open source UTM system. A security level based protection policy is proposed for simplifying the security rule management for vCNSMS. Different security levels have different packet inspection schemes and are enforced with different security plugins. A smart packet verdict scheme is also integrated into vCNSMS for intelligence flow processing to protect from possible network attacks inside a data center network.; A data center is an infrastructure that supports Internet service. Cloud computing is rapidly changing the face of the Internet service infrastructure, enabling even small organizations to quickly build Web and mobile applications for millions of users by taking advantage of the scale and flexibility of shared physical infrastructures provided by cloud computing. In this scenario, multiple tenants save their data and applications in shared data centers, blurring the network boundaries between each tenant in the cloud. In addition, different tenants have different security requirements, while different security policies are necessary for different tenants. Network virtualization is used to meet a diverse set of tenant-specific requirements with the underlying physical network, enabling multi-tenant datacenters to automatically address a large and diverse set of tenants requirements. In this paper, we propose the system implementation of vCNSMS, a collaborative network security prototype system used in a multi-tenant data center. We demonstrate vCNSMS with a centralized collaborative scheme and deep packet inspection with an open source UTM system. A security level based protection policy is proposed for simplifying the security rule management for vCNSMS. Different security levels have different packet inspection schemes and are enforced with different security plugins. A smart packet verdict scheme is also integrated into vCNSMS for intelligence flow processing to protect from possible network attacks inside a data center network. |
语种 | 英语 ; 英语 |
内容类型 | 期刊论文 |
源URL | [http://ir.lib.tsinghua.edu.cn/ir/item.do?handle=123456789/146538] ![]() |
专题 | 清华大学 |
推荐引用方式 GB/T 7714 | Zhen Chen,Wenyu Dong,Hang Li,et al. Collaborative Network Security in Multi-Tenant Data Center for Cloud Computing[J],2016, 2016. |
APA | Zhen Chen.,Wenyu Dong.,Hang Li.,Peng Zhang.,Xinming Chen.,...&Junwei Cao.(2016).Collaborative Network Security in Multi-Tenant Data Center for Cloud Computing.. |
MLA | Zhen Chen,et al."Collaborative Network Security in Multi-Tenant Data Center for Cloud Computing".(2016). |
个性服务 |
查看访问统计 |
相关权益政策 |
暂无数据 |
收藏/分享 |
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。
修改评论