Connectivity Graph Reconstruction for Networking Cloud Infrastructures - Archive ouverte HAL Access content directly
Conference Papers Year :

Connectivity Graph Reconstruction for Networking Cloud Infrastructures

(1, 2) , (2) , (2) , (3) , (1) , (1)
1
2
3

Abstract

Cloud providers have an incomplete view of their hosted virtual infrastructures managed by a Cloud Management System (CMS) and a Software Defined Network (SDN) controller. For various security reasons (e.g. isolation verification, modeling attack paths in the network), it is necessary to know which virtual machines can interact via network protocols. This requires building a connectivity graph between the virtual machines, that we can extract with the knowledge of the overall topology and the deployed network security policy. Existing methodologies for building such models for physical networks produce incomplete results. Moreover, they are not suitable for cloud infrastructures due to either their intrusiveness or lack of connectivity discovery. We propose a method to compute the connectivity graph, relying on information provided by both the CMS and the SDN controller. Connectivity can first be extracted from knowledge databases, then dynamically updated on the occurrence of cloud-related events. This approach shows an exact, complete and up-to-date connectivity graphs computation on a representative infrastructure, in reasonable time.
Fichier principal
Vignette du fichier
NCA 2017.pdf (329.51 Ko) Télécharger le fichier
Origin : Files produced by the author(s)
Loading...

Dates and versions

hal-01612988 , version 1 (09-11-2017)

Identifiers

Cite

Pernelle Mensah, Samuel Dubus, Wael Kanoun, Christine Morin, Guillaume Piolle, et al.. Connectivity Graph Reconstruction for Networking Cloud Infrastructures. 2017 IEEE 16th International Symposium on Network Computing and Applications (NCA), Oct 2017, Cambridge, United States. ⟨10.1109/nca.2017.8171337⟩. ⟨hal-01612988⟩
326 View
268 Download

Altmetric

Share

Gmail Facebook Twitter LinkedIn More