Home // INTERNET 2012, The Fourth International Conference on Evolving Internet // View article

Dynamic Access Control Using Virtual Multicore Firewalls

Authors:
Alexey Lukashin
Vladimir Zaborovsky

Keywords: security; dynamic access control; firewall; virtualization; netgraph

Abstract:
The problems of Internet services security are becoming particularly important due to intricacy structure and dynamic nature of distributed environment, especially in a cloud and virtualized systems. The complexity of distributed platforms demands more functionality to be provided by security devices. Among these required functions is the ability to configure these devices online in accordance with the current state of the network environment through which users can gain an access to information services. The performance of security services is a major issue. This paper proposes a firewall-based solution for implementing access control using multiple cores in virtualized and pure hardware environments, and describes dynamic access control based on virtual connections management with the mechanism of traffic filtering in a transparent (also called "stealth") mode. In this mode, the firewall is not visible to other participants (components) of network interactions, and, thus, it allows implementing the access policy, but remains invulnerable for cyber crooks.

Pages: 37 to 43

Copyright: Copyright (c) IARIA, 2012

Publication date: June 24, 2012

Published in: conference

ISSN: 2308-443X

ISBN: 978-1-61208-204-2

Location: Venice, Italy

Dates: from June 24, 2012 to June 29, 2012