• DocumentCode
    2302985
  • Title

    NetODESSA: Dynamic Policy Enforcement in Cloud Networks

  • Author

    Bellessa, John ; Kroske, Evan ; Farivar, Reza ; Montanari, Mirko ; Larson, Kevin ; Campbell, Roy H.

  • Author_Institution
    Univ. of Illinois at Urbana-Champaign, Urbana, IL, USA
  • fYear
    2011
  • fDate
    4-7 Oct. 2011
  • Firstpage
    57
  • Lastpage
    61
  • Abstract
    The networking environments found in cloud computing systems are highly complex and dynamic. Consequently, they have strained current policy management and enforcement systems that are based on writing explicit rules about individual hosts. In response, we propose NetODESSA, an inference-based system for network configuration and dynamic policy enforcement. NetODESSA permits the construction of flexible and resilient dynamic networks by allowing network administrators to write general policies about classes of hosts that are combined with runtime information to form network-level actions. Moreover, NetODESSA will infer refinements to the policy from network and host-level data, ensuring that the network remains secure. We have created an initial design for the system and implemented a basic prototype, demonstrating the practicality of this scheme.
  • Keywords
    cloud computing; inference mechanisms; NetODESSA; cloud computing systems; cloud networks; dynamic policy enforcement; inference based system; network configuration; Control systems; Engines; Monitoring; Ontologies; Prototypes; Resource description framework; Security;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Reliable Distributed Systems Workshops (SRDSW), 2011 30th IEEE Symposium on
  • Conference_Location
    Madrid
  • Print_ISBN
    978-1-4577-1624-9
  • Type

    conf

  • DOI
    10.1109/SRDSW.2011.24
  • Filename
    6076814
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2302985