Connectivity Graph Reconstruction for Networking Cloud Infrastructures

Pernelle Mensah 1, 2 Samuel Dubus 2 Wael Kanoun 2 Christine Morin 3 Guillaume Piolle 1 Eric Totel 1
1 CIDRE - Confidentialité, Intégrité, Disponibilité et Répartition
CentraleSupélec, Inria Rennes – Bretagne Atlantique , IRISA-D1 - SYSTÈMES LARGE ÉCHELLE
3 MYRIADS - Design and Implementation of Autonomous Distributed Systems
Inria Rennes – Bretagne Atlantique , IRISA-D1 - SYSTÈMES LARGE ÉCHELLE
Abstract : Cloud providers have an incomplete view of their hosted virtual infrastructures managed by a Cloud Management System (CMS) and a Software Defined Network (SDN) controller. For various security reasons (e.g. isolation verification, modeling attack paths in the network), it is necessary to know which virtual machines can interact via network protocols. This requires building a connectivity graph between the virtual machines, that we can extract with the knowledge of the overall topology and the deployed network security policy. Existing methodologies for building such models for physical networks produce incomplete results. Moreover, they are not suitable for cloud infrastructures due to either their intrusiveness or lack of connectivity discovery. We propose a method to compute the connectivity graph, relying on information provided by both the CMS and the SDN controller. Connectivity can first be extracted from knowledge databases, then dynamically updated on the occurrence of cloud-related events. This approach shows an exact, complete and up-to-date connectivity graphs computation on a representative infrastructure, in reasonable time.
Document type :
Conference papers
Complete list of metadatas

Cited literature [15 references]  Display  Hide  Download

https://hal.inria.fr/hal-01612988
Contributor : Christine Morin <>
Submitted on : Thursday, November 9, 2017 - 10:26:22 AM
Last modification on : Friday, September 13, 2019 - 9:51:33 AM
Long-term archiving on : Saturday, February 10, 2018 - 1:15:42 PM

File

NCA 2017.pdf
Files produced by the author(s)

Identifiers

  • HAL Id : hal-01612988, version 1

Citation

Pernelle Mensah, Samuel Dubus, Wael Kanoun, Christine Morin, Guillaume Piolle, et al.. Connectivity Graph Reconstruction for Networking Cloud Infrastructures. NCA 2017 - 16th IEEE International Symposium on Network Computing and Applications , Oct 2017, Cambridge, MA, United States. ⟨hal-01612988⟩

Share

Metrics

Record views

479

Files downloads

206