Abstract
To ensure security, cloud service providers employ security groups as a key tool for cloud tenants to protect their virtual machines from unwanted traffic. However, security groups can be complex and often hard to configure, which may result in security vulnerabilities that impact the entire cloud platform. To assist tenants in designing better security groups, in this paper, we propose and develop a system called Secgras. Secgras enables tenants to visualize and hence to understand the static and dynamic access relations among virtual machine (VM) instances. Secgras also helps diagnose potential misconfigurations and provides suggestions to refine security group configurations based on real traffic traversing tenants VMs.
Original language | English (US) |
---|---|
Title of host publication | Proceedings - IEEE 22nd International |
Publisher | IEEE Computer Society |
Pages | 215-220 |
Number of pages | 6 |
ISBN (Electronic) | 9781479962044 |
DOIs | |
State | Published - Dec 9 2014 |
Event | 22nd IEEE International Conference on Network Protocols, ICNP 2014 - Research Triangle, United States Duration: Oct 21 2014 → Oct 24 2014 |
Publication series
Name | Proceedings - International Conference on Network Protocols, ICNP |
---|---|
ISSN (Print) | 1092-1648 |
Other
Other | 22nd IEEE International Conference on Network Protocols, ICNP 2014 |
---|---|
Country/Territory | United States |
City | Research Triangle |
Period | 10/21/14 → 10/24/14 |
Bibliographical note
Publisher Copyright:© 2014 IEEE.