期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

面向租户开放的安全虚拟网络管理平台设计 被引量:2

Design of a Security Virtual Network Management Platform Opening to the Tenants
下载PDF
导出
摘要 如今,虚拟化的浪潮席卷全球,基于网络的虚拟化技术也在如火如荼的发展.虚拟网络的构建使得用户可以忽略对于底层网络硬件的关注,提高网络硬件的使用效率,降低了成本,更加灵活地配置和部署网络.租户作为虚拟网络的主要使用者,是其整体结构的重要组成部分.让租户能够安全、合理地参与虚拟网络的管控,一直是一个很重要的研究问题.基于此,本文设计了一个面向租户开放的安全虚拟网络管理平台,通过一套包括身份认证、权限匹配、指令解析、优先级管理的流程,实现了租户通过模块化指令形式,安全地管控虚拟网络的过程,在增加租户的参与度的同时,保证了网络的稳定性和安全性. Nowadays, Virtualization is sweeping the whole world. The virtualization technology based on the network is developing rapidly. The construction of virtual network makes the users ignore the underlying network hardware, improve the efficiency in the use of network hardware and reduce the cost. Users also can configure and deploy the network more flexible. Tenants are the main user of virtual network and an important part of the whole structure. It is always be an important aspect that tenants are able to participate in the management and control of virtual network safely and reasonable. According to this, the paper designs a security virtual network management platform opening to the tenants. Through a series of process,including identity authentication, access control, request analysis and priority management, a tenant can control the virtual network safely by modular files, which increase the tenants participation and ensure the stability and security of the network at the same time.
作者 朱天骏 刘发章 陈实 祖立军 吴承荣 严逸兴
机构地区 复旦大学计算机科学技术学院网络与信息安全研究所 中国银联电子支付研究院
出处 《小型微型计算机系统》 CSCD 北大核心 2015年第10期2295-2299,共5页 Journal of Chinese Computer Systems
基金 国家云计算示范工程项目(C73623989020220110006)资助
关键词 虚拟网络 OpenFlow 控制器 模块化 virtual network OpenFlow controller modularization
分类号 TP393 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献17

  • 1Chowdhury N M K,Boutaba R. A survey of network virtual-ization [ J ]. Computer Network, April 2010,54 : 862-876.
  • 2Nick McKeown, Tom Anderson, Haft Balakrishnan, et al. Open- Flow:enabling innovation in campus networks [ J ]. Computer Com- munication Review (CCR) ,2008,38 ( 2 ) :69 -74.
  • 3Porras P, Shin S, Yegneswaran V. A Security enforcement kernel for openflow networks [ C ]. Proc. of the HotSDN Workshop at SIG- COMM. Helsinki, Finland : ACM, 2012 : 121-128.
  • 4Braga R, Mota E, Passito A. Lightweight DDoS flooding attack de- tection using NOX/openflow[ C]. 35th IEEE Conference on Local Computer Networks, Denver, Colorado : IEEE, 2010 : 408 -415.
  • 5Casado M, Reedman F, Pettit J M, et aL Ethane:taking control of the enterprise[ J]. ACM SIGCOMM Computer Communication Re- view,2007,37 (4) :1-12.
  • 6Balazs Sonkoly, An&as Gulyas. Integrated OpenFlow virtualization framework with flexible data, control and management functions [ C]. IEEE INFOCOM (Demo) Orlando ,Florida ,USA ,Mar. 2012.
  • 7Georgia Kontesidou, Kyrialos Zarifis. Openflow virtual networking: a flow-based network virtualization architecture [ D]. MSC Thesis, Stockholm, Sweden, 2009.
  • 8NVP [ EB/OL ]. http ://nicira. com/en/network-virtualization-plat- form,2013.
  • 9Sherwood R, Gibb G, Yap K, et al. Flow visor:a network virtualiza- tion layer technical report openflow-tr-2009-1 ~ R ]. Stanford Univer- sity, Tech. Rep,2009.
  • 10左青云,陈鸣,赵广松,邢长友,张国敏,蒋培成.基于OpenFlow的SDN技术研究[J].软件学报,2013,24(5):1078-1097. 被引量:420

二级参考文献65

  • 1Mckeown N, Anderson T, Balakrishnan H, Parulkar G, Peterson L, Rexford J, Shenker S, Turner J. OpenFlow: Enabling innovation in campus networks. ACM SIGCOMM Computer Communication Review, 2008,38(2):69-74. [doi: 10.1145/1355734. 1355746].
  • 2Elliott C. GENI: Opening up new classes of experiments in global networking. IEEE Internet Computing, 2010,14(1):39-42.
  • 3Gavras A, Karila A, Fdida S, May M, Potts M. Future Internet research and experimentation: The FIRE initiative. ACM SIGCOMM Computer Communication Review, 2007,37(3):89-92. [doi: 10.114511273445.1273460].
  • 4JGN2plus. 2012. http://www.jgn.nict.go.jp/english/index.html.
  • 5SOFIA. 2012. http://fi.ict.ac.cn/research/sofia_overview.htm.
  • 6Yang L, Dantu R, Anderson T, Gopal R. Forwarding and Control Element Separation (ForCES) Framework. RFC 3746, 2004. http://tools.ietf.org/html/rfc3746.
  • 7Greenberg A, Hjalmtysson G, Maltz DA, Myers A, Rexford J, Xie G, Yan H, Zhan J, Zhang H. A clean slate 4D approach to network control and management. ACM SIGCOMM Computer Communication Review, 2005,35(5):41-54. [doi: 10.1145/1096536. 1096541].
  • 8Caesar M, Caldwell D, Feamster N, Rexford J, Shaikh A, Merwe J. Design and implementation of a routing control platform. In: Proc. of the 2rd USENIX Symp. on Networked Systems Design and Implementation (NSDI). Boston: USENIX Association, 2005. 15-28.
  • 9Casado M, Garfinkel T, Akella A, Freedman MJ, Boneh D, Mckeown N, Shenker S. SANE: A protection architecture for enterprise networks. In: Proc. of the 15th Conf. on USENIX Security Symp. Vancouver: USENIX Association, 2006. 137-151.
  • 10Casado M, Freedman MJ, Pettit J, Luo J, Mckeown N, Shenker S. Ethane: Taking control of the enterprise. In: Proc. of the SIGCOMM 2007. Kyoto: ACM Press, 2007. 1-12. [doi: 10.1145/1282380.1282382].

共引文献419

同被引文献5

引证文献2

二级引证文献10

小型微型计算机系统
2015年 第10期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部