Name
Title | ||
|---|---|---|
Verification of firewall reconfiguration for virtual machines migrations in the cloud |
Abstract | ||
|---|---|---|
While elasticity is valuable to the cloud, it may introduce security flaws due to misconfiguration after virtual machines migration. In this paper, we propose an automated approach to verify distributed firewalls reconfiguration after migration. To this end, we elaborate a language that captures distributed stateless and stateful firewalls with their underlying semantics. Integrated to Cloud Calculus, it allows specifying distributed firewalls topology. We also define semantic equivalence over stateful firewalls that forms the base for our verification approach. Furthermore, we define the property of network access control and state preservation using the concepts of soundness and completeness of firewall configurations. Additionally, we use constraint satisfaction problems to reason about our defined preservation property. Finally, we investigate the correctness and scalability of our approach. |
Year | DOI | Venue |
|---|---|---|
2015 | 10.1016/j.comnet.2015.10.008 | Computer Networks |
Keywords | Field | DocType |
Security,Verification,Stateful firewalls,Distributed firewalls,Cloud computing,Constraint satisfaction problem | Virtual machine,Firewall (construction),Computer science,Correctness,Computer network,Application firewall,Stateful firewall,Network Access Control,Control reconfiguration,Distributed computing,Cloud computing | Journal |
Volume | Issue | ISSN |
93 | P3 | 1389-1286 |
Citations | PageRank | References |
2 | 0.36 | 16 |
Authors | ||
5 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| Yosr Jarraya | 1 | 173 | 14.52 |
| Arash Eghtesadi | 2 | 17 | 1.44 |
| Sahba Sadri | 3 | 3 | 0.72 |
| Mourad Debbabi | 4 | 1467 | 144.47 |
| Makan Pourzandi | 5 | 216 | 28.31 |