AL-SAFE: A Secure Self-Adaptable Application-Level Firewall for IaaS Clouds

Abstract : The conventional design of application-level firewalls has an inherent deficiency: limited isolation between the firewall and vulnerable applications which increases the probability of a successful attack that disables the firewall (i.e removing hooks from packet filtering functions). Hence, an important question is: Can we retain the same level of increased visibility while limiting the attack surface between any in- fected application and a trusted application-level firewall? To address this question we designed and implemented AL-SAFE a two-level application- level firewall that operates outside of the virtual machine it is monitoring in a completely separate domain.
Complete list of metadatas

Cited literature [6 references]  Display  Hide  Download

https://hal.inria.fr/hal-01340494
Contributor : Anna Giannakou <>
Submitted on : Friday, July 1, 2016 - 11:12:54 AM
Last modification on : Thursday, February 7, 2019 - 4:50:29 PM
Long-term archiving on : Tuesday, November 8, 2016 - 8:31:32 PM

File

sigplanconf-template.pdf
Files produced by the author(s)

Identifiers

  • HAL Id : hal-01340494, version 1

Citation

Anna Giannakou, Louis Rilling, Christine Morin, Jean-Louis Pazat. AL-SAFE: A Secure Self-Adaptable Application-Level Firewall for IaaS Clouds. SEC2 2016 - Second workshop on Security in Clouds , Jul 2016, Lorient, France. ⟨hal-01340494⟩

Share

Metrics

Record views

1444

Files downloads

244