Skip to main content

Advertisement

SpringerLink
Log in
Menu
Find a journal Publish with us
Search
Cart
Book cover

Meeting of the European Network of Universities and Companies in Information and Communication Engineering

EUNICE 2012: Information and Communication Technologies pp 41–51Cite as

  1. Home
  2. Information and Communication Technologies
  3. Conference paper
A Framework for Security Context Migration in a Firewall Secured Virtual Machine Environment

A Framework for Security Context Migration in a Firewall Secured Virtual Machine Environment

  • Zahra Tavakoli17,
  • Sebastian Meier17 &
  • Alexander Vensmer17 
  • Conference paper
  • 1533 Accesses

  • 7 Citations

Part of the Lecture Notes in Computer Science book series (LNISA,volume 7479)

Abstract

Current virtualization technologies enable hosting of a large number of Virtual Machines (VMs) on a common physical host. The hypervisor interconnects these VMs via Virtual Networks (VNs). These VNs underlie the same security requirements as physical networks. Network elements such as stateful firewalls contribute in enforcing this security. With the advent of stateful firewalls on the hypervisor level, a new challenge arises when it comes to VM migration. Not only the VM itself, but also the associated Security Context (SC) has to migrate. Current open-source hypervisors do not address this issue. In this paper we present the architecture and implementation of our framework for migrating SC along with VMs.

Keywords

  • Virtualization
  • Firewall
  • Security
  • Migration

Download conference paper PDF

References

  1. Cisco nexus 1000v series switches (March 2012), http://www.cisco.com/en/US/solutions/collateral/ns340/ns517/ns224/ns892/ns894/at_a_glance_c45-492852.pdf

  2. Conntrack tools (March 2012), http://conntrack-tools.netfilter.org/index.html

  3. Kvm (March 2012), http://www.linux-kvm.org

  4. Kvm live migration (March 2012), http://www.linux-kvm.org/page/Migration

  5. Libvirt (March 2012), http://www.libvirt.org

  6. Netfilter (March 2012), http://www.Netfilter.org

  7. Qemu (March 2012), http://www.qemu.org

  8. Vmware (March 2012), http://www.VMware.com

  9. Xen (March 2012), http://www.xen.org

  10. Arcangeli, A., Eidus, I., Wright, C.: Increasing memory density by using kvm. In: Proceedings of the Linux Symposium, pp. 19–28 (2009)

    Google Scholar 

  11. Dawoud, W., Takouna, I., Meinel, C.: Infrastructure as a service security: Challenges and solutions. Security (2010), http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=5461732

  12. Kent, S., Seo, K.: Security Architecture for the Internet Protocol. RFC 4301, IETF (December 2005)

    Google Scholar 

  13. Miao, Q.G., Hui-Liu, Zhang, X.G., Liu, Z.L., Yang, Y.Z., Yun-Wang, Yin-Cao: Developing a virtual network environment for analyzing malicious network behavior. In: 2010 International Conference on Educational and Network Technology (ICENT), pp. 271–275 (June 2010)

    Google Scholar 

  14. Shah, A.: Kernel-based virtualization with kvm. Linux Magazine 86, 37–39 (2008), http://www.linux-magazine.com/w3/issue/86/Kernel_Based_Virtualization_With_KVM.pdf

    Google Scholar 

  15. Wu, H., Ding, Y., Winer, C., Yao, L.: Network security for virtual machine in cloud computing. In: 2010 5th International Conference on Computer Sciences and Convergence Information Technology (ICCIT), November 30-December 2, pp. 18–21 (2010)

    Google Scholar 

  16. Xianqin, C., Han, W., Sumei, W., Xiang, L.: Seamless virtual machine live migration on network security enhanced hypervisor. In: 2009 2nd IEEE International Conference on Broadband Network Multimedia Technology, pp. 847–853 (2009), http://ieeexplore.ieee.org/lpdocs/epic03/wrapper.htm?arnumber=5347800

Download references

Author information

Authors and Affiliations

  1. Institute of Communication Networks and Computer Engineering (IKR), University of Stuttgart, Pfaffenwaldring 47, 70569, Stuttgart, Germany

    Zahra Tavakoli, Sebastian Meier & Alexander Vensmer

Authors
  1. Zahra Tavakoli
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Sebastian Meier
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Alexander Vensmer
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Telecommunications and Media Informatics, Budapest University of Technology and Economics, Magyar Tudósok krt.2, 1117, Budapest, Hungary

    Róbert Szabó & Attila Vidács & 

Rights and permissions

Reprints and Permissions

Copyright information

© 2012 IFIP International Federation for Information Processing

About this paper

Cite this paper

Tavakoli, Z., Meier, S., Vensmer, A. (2012). A Framework for Security Context Migration in a Firewall Secured Virtual Machine Environment. In: Szabó, R., Vidács, A. (eds) Information and Communication Technologies. EUNICE 2012. Lecture Notes in Computer Science, vol 7479. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-32808-4_5

Download citation

  • .RIS
  • .ENW
  • .BIB
  • DOI: https://doi.org/10.1007/978-3-642-32808-4_5

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-32807-7

  • Online ISBN: 978-3-642-32808-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Share this paper

Anyone you share the following link with will be able to read this content:

Sorry, a shareable link is not currently available for this article.

Provided by the Springer Nature SharedIt content-sharing initiative

Search

Navigation

  • Find a journal
  • Publish with us

Discover content

  • Journals A-Z
  • Books A-Z

Publish with us

  • Publish your research
  • Open access publishing

Products and services

  • Our products
  • Librarians
  • Societies
  • Partners and advertisers

Our imprints

  • Springer
  • Nature Portfolio
  • BMC
  • Palgrave Macmillan
  • Apress
  • Your US state privacy rights
  • Accessibility statement
  • Terms and conditions
  • Privacy policy
  • Help and support

167.114.118.210

Not affiliated

Springer Nature

© 2023 Springer Nature