AL-SAFE: A Secure Self-Adaptable Application-Level Firewall for IaaS Clouds

Abstract : Application-level firewalls filter traffic based on a white list of processes that are allowed to access the network. Although they have a complete overview of the system in which they are executed, they can be easily bypassed by knowledgable attackers. In this paper we present AL-SAFE, a cloud-tailored application-level self-adaptable firewall which combines the high degree of visibility of an application-level firewall with the isolation of a traditional standalone firewall. AL-SAFE is able to filter traffic at two distinct points in the virtual infrastructure and adapt the enforced rulesets based on changes in the virtual infrastructure topology and the list of services running inside the virtual machines. Our performance analysis shows that AL-SAFE imposes a tolerable delay to legitimate network connections while it is able to filter out all unauthorised packets.
Type de document :
Communication dans un congrès
CloudCom2016-8th IEEE International Conference on Cloud Computing Technology and Science, Dec 2016, luxembourg, Luxembourg. 2016, 〈http://2016.cloudcom.org/〉
Liste complète des métadonnées

Littérature citée [8 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01363540
Contributeur : Anna Giannakou <>
Soumis le : lundi 31 octobre 2016 - 22:52:08
Dernière modification le : mercredi 16 mai 2018 - 11:23:31

Fichiers

al_safe.pdf
Fichiers produits par l'(les) auteur(s)

Identifiants

  • HAL Id : hal-01363540, version 1

Citation

Anna Giannakou, Louis Rilling, Jean-Louis Pazat, Christine Morin. AL-SAFE: A Secure Self-Adaptable Application-Level Firewall for IaaS Clouds. CloudCom2016-8th IEEE International Conference on Cloud Computing Technology and Science, Dec 2016, luxembourg, Luxembourg. 2016, 〈http://2016.cloudcom.org/〉. 〈hal-01363540〉

Partager

Métriques

Consultations de la notice

698

Téléchargements de fichiers

207