Title :
NetODESSA: Dynamic Policy Enforcement in Cloud Networks
Author :
Bellessa, John ; Kroske, Evan ; Farivar, Reza ; Montanari, Mirko ; Larson, Kevin ; Campbell, Roy H.
Author_Institution :
Univ. of Illinois at Urbana-Champaign, Urbana, IL, USA
Abstract :
The networking environments found in cloud computing systems are highly complex and dynamic. Consequently, they have strained current policy management and enforcement systems that are based on writing explicit rules about individual hosts. In response, we propose NetODESSA, an inference-based system for network configuration and dynamic policy enforcement. NetODESSA permits the construction of flexible and resilient dynamic networks by allowing network administrators to write general policies about classes of hosts that are combined with runtime information to form network-level actions. Moreover, NetODESSA will infer refinements to the policy from network and host-level data, ensuring that the network remains secure. We have created an initial design for the system and implemented a basic prototype, demonstrating the practicality of this scheme.
Keywords :
cloud computing; inference mechanisms; NetODESSA; cloud computing systems; cloud networks; dynamic policy enforcement; inference based system; network configuration; Control systems; Engines; Monitoring; Ontologies; Prototypes; Resource description framework; Security;
Conference_Titel :
Reliable Distributed Systems Workshops (SRDSW), 2011 30th IEEE Symposium on
Conference_Location :
Madrid
Print_ISBN :
978-1-4577-1624-9
DOI :
10.1109/SRDSW.2011.24
