TY - GEN
T1 - Secgras
T2 - 22nd IEEE International Conference on Network Protocols, ICNP 2014
AU - Jin, Cheng
AU - Srivastava, Abhinav
AU - Jin, Yu
AU - Zhang, Zhi-Li
N1 - Publisher Copyright:
© 2014 IEEE.
Copyright:
Copyright 2015 Elsevier B.V., All rights reserved.
PY - 2014/12/9
Y1 - 2014/12/9
N2 - To ensure security, cloud service providers employ security groups as a key tool for cloud tenants to protect their virtual machines from unwanted traffic. However, security groups can be complex and often hard to configure, which may result in security vulnerabilities that impact the entire cloud platform. To assist tenants in designing better security groups, in this paper, we propose and develop a system called Secgras. Secgras enables tenants to visualize and hence to understand the static and dynamic access relations among virtual machine (VM) instances. Secgras also helps diagnose potential misconfigurations and provides suggestions to refine security group configurations based on real traffic traversing tenants VMs.
AB - To ensure security, cloud service providers employ security groups as a key tool for cloud tenants to protect their virtual machines from unwanted traffic. However, security groups can be complex and often hard to configure, which may result in security vulnerabilities that impact the entire cloud platform. To assist tenants in designing better security groups, in this paper, we propose and develop a system called Secgras. Secgras enables tenants to visualize and hence to understand the static and dynamic access relations among virtual machine (VM) instances. Secgras also helps diagnose potential misconfigurations and provides suggestions to refine security group configurations based on real traffic traversing tenants VMs.
UR - http://www.scopus.com/inward/record.url?scp=84919958610&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84919958610&partnerID=8YFLogxK
U2 - 10.1109/ICNP.2014.42
DO - 10.1109/ICNP.2014.42
M3 - Conference contribution
AN - SCOPUS:84919958610
T3 - Proceedings - International Conference on Network Protocols, ICNP
SP - 215
EP - 220
BT - Proceedings - IEEE 22nd International
PB - IEEE Computer Society
Y2 - 21 October 2014 through 24 October 2014
ER -