Demo: On-The-Fly Generation of Unikernels for Software-Defined Security in Cloud Infrastructures

Maxime Compastié 1, 2, 3 Rémi Badonnel 2, 3 Olivier Festor 2, 3 Ruan He 1
2 MADYNES - Management of dynamic networks and services
Inria Nancy - Grand Est, LORIA - NSS - Department of Networks, Systems and Services
3 RESIST - Resilience and Elasticity for Security and ScalabiliTy of dynamic networked systems
Inria Nancy - Grand Est, LORIA - NSS - Department of Networks, Systems and Services
Abstract : The programmability of security mechanisms through software-defined security permits the outsourcing of security management to a dedicated plan. Unikernels offer new perspectives for supporting this programmability, and addressing the challenges with respect to the heterogeneity and the dynamics of cloud resources. In this demo, we demonstrate how unikernel properties may enable an adequate security enforcement at the resource level. We present a framework for integrating security mechanisms into unikernel virtual machines, and align them to a given security policy, through the on-the-fly unikernel VM generation. We showcase an implementation prototype and confront it to cloud exploitation scenarios.
Complete list of metadatas

Cited literature [5 references]  Display  Hide  Download

https://hal.inria.fr/hal-01798799
Contributor : Maxime Compastié <>
Submitted on : Monday, May 28, 2018 - 4:17:07 PM
Last modification on : Thursday, February 7, 2019 - 5:34:45 PM
Long-term archiving on : Wednesday, August 29, 2018 - 2:52:24 PM

File

HAL-draft-demo-fly-generation....
Files produced by the author(s)

Identifiers

Collections

Citation

Maxime Compastié, Rémi Badonnel, Olivier Festor, Ruan He. Demo: On-The-Fly Generation of Unikernels for Software-Defined Security in Cloud Infrastructures. NOMS 2018 - IEEE/IFIP Network Operations and Management Symposium, Apr 2018, Taipei, Taiwan. ⟨10.1109/NOMS.2018.8406131⟩. ⟨hal-01798799⟩

Share

Metrics

Record views

253

Files downloads

175