Paper Info
Title
Accountability in hosted virtual networks
Abstract
Virtualization enables multiple networks, each customized for a particular purpose, to run concurrently over a shared substrate. One such model for managing these virtual networks is to create a hosting platform where companies can deploy services by leasing a portion of several physical routers. While lowering the barrier for innovation in the network, this model introduces new security concerns. In this paper we examine the issue of accountability in this setting of hosted virtual networks. That is, how a service provider can know its software is running without modification and that the infrastructure provider's physical router is forwarding packets as instructed with the quality of service promised. Rather than presenting a single specification of what every router on the Internet must look like, in this paper we examine two possible approaches: one that detects violations by monitoring the service and one that prevents violations from occurring in the first place. For each, we provide a description of an architecture that can be achieved with technology available today, the limitations of that architecture, and then propose an extension which overcomes the limitations.
Year
DOI
Venue
2009
10.1145/1592648.1592654
VISA
Keywords
Field
DocType
particular purpose,physical routers,physical router,multiple network,detects violation,service provider,virtual network,new security concern,forwarding packet,infrastructure provider,security,virtualization,quality of service
Virtualization,Provider Edge,Architecture,Computer security,Computer science,Network packet,Computer network,Quality of service,Service provider,Router,The Internet
Conference
Citations 
PageRank 
References 
11
0.90
18
Authors
3
Name
Order
Citations
PageRank
Eric Keller180863.07
Ruby Lee22460261.28
Jennifer Rexford3143781195.34