Title :
VNSS: A network security sandbox for virtual computing environment
Author :
Xiaopeng, Gao ; Sumei, Wang ; Xianqin, Chen
Author_Institution :
State Key Lab. of Software Dev. Environ., BeiHang Univ., Beijing, China
Abstract :
With the number of applications running upon the virtualized system increased, the virtual network circumstance becomes more and more complicated; the consequent security problems thereby have been a concern for industrial and academic fields. However, the current solutions are mostly confined to the enforcement of several patchy-works on system which still requires proficient hacking skills for administrators and cannot ensure continuous protection for VM, resulting in potential security risks. In this paper we present a framework (VNSS) which provides both guarantee of distinct security level requirement and full-lifecycle protection for VM. We have implemented a prototype system based on Xen hypervisor to evaluate our framework. The experiment results demonstrate that our framework can provide continuous protection for virtual network environment.
Keywords :
security of data; virtual machines; VNSS framework; Xen hypervisor; virtual computing environment; virtual machines; virtual network environment; virtual network security sandbox; Fires; Prototypes; Security; Servers; Synchronization; Virtual machine monitors; Virtual machining; Lifecycle; Network Security; Stateful Firewall; System Virtualization; Virtual Machine;
Conference_Titel :
Information Computing and Telecommunications (YC-ICT), 2010 IEEE Youth Conference on
Conference_Location :
Beijing
Print_ISBN :
978-1-4244-8883-4
DOI :
10.1109/YCICT.2010.5713128
