Abstract
Ubiquitous simply means being everywhere. The concept of Cloud Computing (CC) further strengthens the idea of ubiquitous computing, and one of the key enablers of CC is virtualization. However, the many advantages of virtualization come with certain limitations, especially related to security. Virtualization vulnerabilities, and more specifically those related to isolation, create new targets for intrusion due to the complexity of access and the difficulty of monitoring all interconnection points between systems, applications, and data sets. Hence, without strict controls in place within the Cloud, guests could violate and bypass security policies, intercept unauthorized client data, and initiate or become the target of security attacks. This article discusses the security and visibility issues of inter-VM traffic and proposes a solution for them within the Cloud context. The proposed approach provides Virtual Machine (VM) authentication and communication integrity, and enforces trusted transactions, through security mechanisms, structures, policies, and various intrusion detection techniques.
Copyright information
© 2014 Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Karim, B., Khoudali, S., Sekkaki, A. (2014). Toward Agent Based Inter-VM Traffic Authentication in a Cloud Environment. In: Stojmenovic, I., Cheng, Z., Guo, S. (eds) Mobile and Ubiquitous Systems: Computing, Networking, and Services. MobiQuitous 2013. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 131. Springer, Cham. https://doi.org/10.1007/978-3-319-11569-6_42
DOI: https://doi.org/10.1007/978-3-319-11569-6_42
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-11568-9
Online ISBN: 978-3-319-11569-6
eBook Packages: Computer Science, Computer Science (R0)