Connectivity Graph Reconstruction for Networking Cloud Infrastructures

Pernelle Mensah 1, 2 Samuel Dubus 2 Wael Kanoun 2 Christine Morin 3 Guillaume Piolle 1 Eric Totel 1
1 CIDRE - Confidentialité, Intégrité, Disponibilité et Répartition
CentraleSupélec, Inria Rennes – Bretagne Atlantique , IRISA_D1 - SYSTÈMES LARGE ÉCHELLE
3 MYRIADS - Design and Implementation of Autonomous Distributed Systems
Inria Rennes – Bretagne Atlantique , IRISA_D1 - SYSTÈMES LARGE ÉCHELLE
Abstract : Cloud providers have an incomplete view of their hosted virtual infrastructures managed by a Cloud Management System (CMS) and a Software Defined Network (SDN) controller. For various security reasons (e.g. isolation verification, modeling attack paths in the network), it is necessary to know which virtual machines can interact via network protocols. This requires building a connectivity graph between the virtual machines, that we can extract with the knowledge of the overall topology and the deployed network security policy. Existing methodologies for building such models for physical networks produce incomplete results. Moreover, they are not suitable for cloud infrastructures due to either their intrusiveness or lack of connectivity discovery. We propose a method to compute the connectivity graph, relying on information provided by both the CMS and the SDN controller. Connectivity can first be extracted from knowledge databases, then dynamically updated on the occurrence of cloud-related events. This approach shows an exact, complete and up-to-date connectivity graphs computation on a representative infrastructure, in reasonable time.
Type de document :
Communication dans un congrès
NCA 2017 - 16th IEEE International Symposium on Network Computing and Applications , Oct 2017, Cambridge, MA, United States
Liste complète des métadonnées

Littérature citée [15 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01612988
Contributeur : Christine Morin <>
Soumis le : jeudi 9 novembre 2017 - 10:26:22
Dernière modification le : mercredi 16 mai 2018 - 11:24:13
Document(s) archivé(s) le : samedi 10 février 2018 - 13:15:42

Fichier

NCA 2017.pdf
Fichiers produits par l'(les) auteur(s)

Identifiants

  • HAL Id : hal-01612988, version 1

Citation

Pernelle Mensah, Samuel Dubus, Wael Kanoun, Christine Morin, Guillaume Piolle, et al.. Connectivity Graph Reconstruction for Networking Cloud Infrastructures. NCA 2017 - 16th IEEE International Symposium on Network Computing and Applications , Oct 2017, Cambridge, MA, United States. 〈hal-01612988〉

Partager

Métriques

Consultations de la notice

385

Téléchargements de fichiers

83