NetODESSA: Dynamic policy enforcement in cloud networks

John Bellessa; Evan Kroske; Reza Farivar; Mirko Montanari; Kevin Larson; Roy H. Campbell

doi:10.1109/SRDSW.2011.24

NetODESSA: Dynamic policy enforcement in cloud networks

John Bellessa, Evan Kroske, Reza Farivar, Mirko Montanari, Kevin Larson, Roy H. Campbell

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

The networking environments found in cloud computing systems are highly complex and dynamic. Consequently, they have strained current policy management and enforcement systems that are based on writing explicit rules about individual hosts. In response, we propose NetODESSA, an inference-based system for network configuration and dynamic policy enforcement. NetODESSA permits the construction of flexible and resilient dynamic networks by allowing network administrators to write general policies about classes of hosts that are combined with runtime information to form network-level actions. Moreover, NetODESSA will infer refinements to the policy from network and host-level data, ensuring that the network remains secure. We have created an initial design for the system and implemented a basic prototype, demonstrating the practicality of this scheme.

Original language	English (US)
Title of host publication	Proceedings - 2011 30th IEEE International Symposium on Reliable Distributed Systems Workshops, SRDS 2011
Pages	57-61
Number of pages	5
DOIs	https://doi.org/10.1109/SRDSW.2011.24
State	Published - 2011
Event	2011 30th IEEE International Symposium on Reliable Distributed Systems Workshops, SRDS 2011 - Madrid, Spain Duration: Oct 4 2011 → Oct 7 2011

Publication series

Name	Proceedings of the IEEE Symposium on Reliable Distributed Systems
ISSN (Print)	1060-9857

Other

Other	2011 30th IEEE International Symposium on Reliable Distributed Systems Workshops, SRDS 2011
Country/Territory	Spain
City	Madrid
Period	10/4/11 → 10/7/11

Keywords

Dynamic networks
Network management
Network monitoring
Network security
Resilience

ASJC Scopus subject areas

Software
Theoretical Computer Science
Hardware and Architecture
Computer Networks and Communications

Online availability

10.1109/SRDSW.2011.24

Library availability

Discover UIUC Full Text

Cite this

Bellessa, J., Kroske, E., Farivar, R., Montanari, M., Larson, K., & Campbell, R. H. (2011). NetODESSA: Dynamic policy enforcement in cloud networks. In Proceedings - 2011 30th IEEE International Symposium on Reliable Distributed Systems Workshops, SRDS 2011 (pp. 57-61). Article 6076814 (Proceedings of the IEEE Symposium on Reliable Distributed Systems). https://doi.org/10.1109/SRDSW.2011.24

NetODESSA: Dynamic policy enforcement in cloud networks. / Bellessa, John; Kroske, Evan; Farivar, Reza et al.
Proceedings - 2011 30th IEEE International Symposium on Reliable Distributed Systems Workshops, SRDS 2011. 2011. p. 57-61 6076814 (Proceedings of the IEEE Symposium on Reliable Distributed Systems).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Bellessa, J, Kroske, E, Farivar, R, Montanari, M, Larson, K & Campbell, RH 2011, NetODESSA: Dynamic policy enforcement in cloud networks. in Proceedings - 2011 30th IEEE International Symposium on Reliable Distributed Systems Workshops, SRDS 2011., 6076814, Proceedings of the IEEE Symposium on Reliable Distributed Systems, pp. 57-61, 2011 30th IEEE International Symposium on Reliable Distributed Systems Workshops, SRDS 2011, Madrid, Spain, 10/4/11. https://doi.org/10.1109/SRDSW.2011.24

@inproceedings{a295b43a36124d7ea9ce84bccd9cc4ff,

title = "NetODESSA: Dynamic policy enforcement in cloud networks",

abstract = "The networking environments found in cloud computing systems are highly complex and dynamic. Consequently, they have strained current policy management and enforcement systems that are based on writing explicit rules about individual hosts. In response, we propose NetODESSA, an inference-based system for network configuration and dynamic policy enforcement. NetODESSA permits the construction of flexible and resilient dynamic networks by allowing network administrators to write general policies about classes of hosts that are combined with runtime information to form network-level actions. Moreover, NetODESSA will infer refinements to the policy from network and host-level data, ensuring that the network remains secure. We have created an initial design for the system and implemented a basic prototype, demonstrating the practicality of this scheme.",

keywords = "Dynamic networks, Network management, Network monitoring, Network security, Resilience",

author = "John Bellessa and Evan Kroske and Reza Farivar and Mirko Montanari and Kevin Larson and Campbell, {Roy H.}",

year = "2011",

doi = "10.1109/SRDSW.2011.24",

language = "English (US)",

isbn = "9780769544519",

series = "Proceedings of the IEEE Symposium on Reliable Distributed Systems",

pages = "57--61",

booktitle = "Proceedings - 2011 30th IEEE International Symposium on Reliable Distributed Systems Workshops, SRDS 2011",

note = "2011 30th IEEE International Symposium on Reliable Distributed Systems Workshops, SRDS 2011 ; Conference date: 04-10-2011 Through 07-10-2011",

}

TY - GEN

T1 - NetODESSA

T2 - 2011 30th IEEE International Symposium on Reliable Distributed Systems Workshops, SRDS 2011

AU - Bellessa, John

AU - Kroske, Evan

AU - Farivar, Reza

AU - Montanari, Mirko

AU - Larson, Kevin

AU - Campbell, Roy H.

PY - 2011

Y1 - 2011

N2 - The networking environments found in cloud computing systems are highly complex and dynamic. Consequently, they have strained current policy management and enforcement systems that are based on writing explicit rules about individual hosts. In response, we propose NetODESSA, an inference-based system for network configuration and dynamic policy enforcement. NetODESSA permits the construction of flexible and resilient dynamic networks by allowing network administrators to write general policies about classes of hosts that are combined with runtime information to form network-level actions. Moreover, NetODESSA will infer refinements to the policy from network and host-level data, ensuring that the network remains secure. We have created an initial design for the system and implemented a basic prototype, demonstrating the practicality of this scheme.

AB - The networking environments found in cloud computing systems are highly complex and dynamic. Consequently, they have strained current policy management and enforcement systems that are based on writing explicit rules about individual hosts. In response, we propose NetODESSA, an inference-based system for network configuration and dynamic policy enforcement. NetODESSA permits the construction of flexible and resilient dynamic networks by allowing network administrators to write general policies about classes of hosts that are combined with runtime information to form network-level actions. Moreover, NetODESSA will infer refinements to the policy from network and host-level data, ensuring that the network remains secure. We have created an initial design for the system and implemented a basic prototype, demonstrating the practicality of this scheme.

KW - Dynamic networks

KW - Network management

KW - Network monitoring

KW - Network security

KW - Resilience

UR - http://www.scopus.com/inward/record.url?scp=83255173900&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=83255173900&partnerID=8YFLogxK

U2 - 10.1109/SRDSW.2011.24

DO - 10.1109/SRDSW.2011.24

M3 - Conference contribution

AN - SCOPUS:83255173900

SN - 9780769544519

T3 - Proceedings of the IEEE Symposium on Reliable Distributed Systems

SP - 57

EP - 61

BT - Proceedings - 2011 30th IEEE International Symposium on Reliable Distributed Systems Workshops, SRDS 2011

Y2 - 4 October 2011 through 7 October 2011

ER -

NetODESSA: Dynamic policy enforcement in cloud networks

Abstract

Publication series

Other

Keywords

ASJC Scopus subject areas

Online availability

Library availability

Related links

Fingerprint

Cite this