A Highly Available Transparent Linux Cluster Security Model

Author

Ramsurrun, V. ; Soyjaudah, K.M.S.

Author_Institution

Electr. & Electron. Eng. Dept., Univ. of Mauritius, Reduit

fYear

2008

fDate

7-9 Dec. 2008

Firstpage

69

Lastpage

76

Abstract

The use of firewall load balancing (FWLB) in tandem with transparent firewalls is problematic as the benefits of using stealth firewalls are nullified due to the use of IP addressing on load balancers. This paper describes the design & implementation of a new transparent cluster security model that addresses this problem. A transparent stateful CSG architecture, which uses a distributed sender-initiated Layer 2 per-packet firewall load balancing scheme, is devised for the protection of switched Linux clusters of computers. This security architecture presents several advantages like transparency, robust security, high availability, scalability & reliability, tamper resistance, anti-spoofing and anti-sniffing.

Keywords

Linux; authorisation; distributed processing; internetworking; resource allocation; workstation clusters; cluster security gateway architecture; distributed sender-initiated layer 2 per-packet firewall; stealth firewall load balancing; transparent Linux cluster security model; Communication switching; Computer architecture; Distributed computing; Filtering; Linux; Load management; Protection; Robustness; Security; Switches;

fLanguage

English

Publisher

ieee

Conference_Titel

Performance, Computing and Communications Conference, 2008. IPCCC 2008. IEEE International

Conference_Location

Austin, Texas

ISSN

1097-2641

Print_ISBN

978-1-4244-3368-1

Electronic_ISBN

1097-2641

Type

conf

DOI

10.1109/PCCC.2008.4745136

Filename

4745136