Customized Network Security for Cloud Service

Jin He, Kaoru Ota, Mianxiong Dong, Laurence T. Yang, Minyu Fan, Guangwei Wang, Sik-Sang Yau

Research output: Contribution to journalArticle

Abstract

Modern cloud computing platforms based on virtual machine monitors (VMMs) host a variety of complex businesses which present many network security vulnerabilities. In order to protect network security for these businesses in cloud computing, nowadays, a number of middleboxes are deployed at front-end of cloud computing or parts of middleboxes are deployed in cloud computing. However, the former is leading to high cost and management complexity, and also lacking of network security protection between virtual machines while the latter does not effectively prevent network attacks from external traffic. To address the above-mentioned challenges, we introduce a novel customized network security for cloud service (CNS), which not only prevents attacks from external and internal traffic to ensure network security of services in cloud computing, but also affords customized network security service for cloud users. CNS is implemented by modifying the Xen hypervisor and proved by various experiments which showing the proposed solution can be directly applied to the extensive practical promotion in cloud computing.

Original languageEnglish (US)
JournalIEEE Transactions on Services Computing
DOIs
StateAccepted/In press - Jul 11 2017

Fingerprint

Network security
Cloud computing
Industry
Costs
Experiments

Keywords

  • Cloud computing
  • Communication networks
  • Complexity theory
  • Computer architecture
  • Computer crime
  • customized network security service
  • FDCs
  • Middleboxes
  • network security
  • packet delay
  • throughput
  • unified management

ASJC Scopus subject areas

  • Hardware and Architecture
  • Computer Science Applications
  • Computer Networks and Communications
  • Information Systems and Management

Cite this

Customized Network Security for Cloud Service. / He, Jin; Ota, Kaoru; Dong, Mianxiong; T. Yang, Laurence; Fan, Minyu; Wang, Guangwei; Yau, Sik-Sang.

In: IEEE Transactions on Services Computing, 11.07.2017.

Research output: Contribution to journalArticle

He, Jin ; Ota, Kaoru ; Dong, Mianxiong ; T. Yang, Laurence ; Fan, Minyu ; Wang, Guangwei ; Yau, Sik-Sang. / Customized Network Security for Cloud Service. In: IEEE Transactions on Services Computing. 2017.
@article{b1e678e39cbb49a28fe486b62f90fc23,
title = "Customized Network Security for Cloud Service",
abstract = "Modern cloud computing platforms based on virtual machine monitors (VMMs) host a variety of complex businesses which present many network security vulnerabilities. In order to protect network security for these businesses in cloud computing, nowadays, a number of middleboxes are deployed at front-end of cloud computing or parts of middleboxes are deployed in cloud computing. However, the former is leading to high cost and management complexity, and also lacking of network security protection between virtual machines while the latter does not effectively prevent network attacks from external traffic. To address the above-mentioned challenges, we introduce a novel customized network security for cloud service (CNS), which not only prevents attacks from external and internal traffic to ensure network security of services in cloud computing, but also affords customized network security service for cloud users. CNS is implemented by modifying the Xen hypervisor and proved by various experiments which showing the proposed solution can be directly applied to the extensive practical promotion in cloud computing.",
keywords = "Cloud computing, Communication networks, Complexity theory, Computer architecture, Computer crime, customized network security service, FDCs, Middleboxes, network security, packet delay, throughput, unified management",
author = "Jin He and Kaoru Ota and Mianxiong Dong and {T. Yang}, Laurence and Minyu Fan and Guangwei Wang and Sik-Sang Yau",
year = "2017",
month = "7",
day = "11",
doi = "10.1109/TSC.2017.2725828",
language = "English (US)",
journal = "IEEE Transactions on Services Computing",
issn = "1939-1374",
publisher = "Institute of Electrical and Electronics Engineers Inc.",

}

TY - JOUR

T1 - Customized Network Security for Cloud Service

AU - He, Jin

AU - Ota, Kaoru

AU - Dong, Mianxiong

AU - T. Yang, Laurence

AU - Fan, Minyu

AU - Wang, Guangwei

AU - Yau, Sik-Sang

PY - 2017/7/11

Y1 - 2017/7/11

N2 - Modern cloud computing platforms based on virtual machine monitors (VMMs) host a variety of complex businesses which present many network security vulnerabilities. In order to protect network security for these businesses in cloud computing, nowadays, a number of middleboxes are deployed at front-end of cloud computing or parts of middleboxes are deployed in cloud computing. However, the former is leading to high cost and management complexity, and also lacking of network security protection between virtual machines while the latter does not effectively prevent network attacks from external traffic. To address the above-mentioned challenges, we introduce a novel customized network security for cloud service (CNS), which not only prevents attacks from external and internal traffic to ensure network security of services in cloud computing, but also affords customized network security service for cloud users. CNS is implemented by modifying the Xen hypervisor and proved by various experiments which showing the proposed solution can be directly applied to the extensive practical promotion in cloud computing.

AB - Modern cloud computing platforms based on virtual machine monitors (VMMs) host a variety of complex businesses which present many network security vulnerabilities. In order to protect network security for these businesses in cloud computing, nowadays, a number of middleboxes are deployed at front-end of cloud computing or parts of middleboxes are deployed in cloud computing. However, the former is leading to high cost and management complexity, and also lacking of network security protection between virtual machines while the latter does not effectively prevent network attacks from external traffic. To address the above-mentioned challenges, we introduce a novel customized network security for cloud service (CNS), which not only prevents attacks from external and internal traffic to ensure network security of services in cloud computing, but also affords customized network security service for cloud users. CNS is implemented by modifying the Xen hypervisor and proved by various experiments which showing the proposed solution can be directly applied to the extensive practical promotion in cloud computing.

KW - Cloud computing

KW - Communication networks

KW - Complexity theory

KW - Computer architecture

KW - Computer crime

KW - customized network security service

KW - FDCs

KW - Middleboxes

KW - network security

KW - packet delay

KW - throughput

KW - unified management

UR - http://www.scopus.com/inward/record.url?scp=85023610827&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85023610827&partnerID=8YFLogxK

U2 - 10.1109/TSC.2017.2725828

DO - 10.1109/TSC.2017.2725828

M3 - Article

JO - IEEE Transactions on Services Computing

JF - IEEE Transactions on Services Computing

SN - 1939-1374

ER -