摘要(英) |
With the rapid growth of cloud computing, there are many new services and technologies forming in the clouds. Cloud computing not only provides a convenient way of daily life, but also changed the habits of the public and existing concepts. The deployment of cloud computing environment can be divided into three types: private cloud, public cloud and hybrid cloud. User’s personal information may be stored in different cloud environment. Therefore, intercloud computing and its services must allow users and cloud providers able to access information on the different cloud. However, the accompanying issues are information disclosure and other challenge.
In recent years, the existing network devices are not sufficient to fully meet the various different types of user needs, which are arise with the innovation of network technology. Stanford University developed the NetFPGA platform which is based on a programmable NIC. And it has become one of the important products to experiment high-speed network environment. By the characteristic of programmable logic design on NetFPGA, researcher can implement the functions which are suitable on their demand. Building the intercloud computing environment with OpenFlow to explore and resolve problems that may occur on interoperate among different clouds.
We use OpenFlow Switch to implement network virtualization. Let different clouds interoperate like they are in the same private network. And we are also using Bloom Filter to store forwarding path in Intercloud Filter, which can reach information hidden when packet was traveling on Internet. It can also be used on intercloud migration request’s multicast. On the other hand, through the up-to-date Intercloud Filter, VM can continue the original communication with no influence after the intercloud migration.
|
參考文獻 |
[1] P. Mell, and T. Grance, “The NIST Definition of Cloud Computing”, National Institute of Standards and Technology. September 2011.
[2] D. Bernstein, E. Ludvigson, K. Sankar, S. Diamond, and M. Morrow, “Blueprint for the Intercloud – Protocols and Formats for Cloud Computing Interoperability”, In Proceedings of the Fourth International Conference on Internet and Web Applications and Services, pp. 328-336, May 2009.
[3] S. Chen, S. Nepal, and R. Liu, “Secure Connectivity for Intra-Cloud and Inter-Cloud Communication”, International Conference on Parallel Processing Workshops, 2011.
[4] G. Gibb, J. W. Lockwood, J. Naous, P. Hartke, and N. McKeown, “NetFPGA─An Open Platform for Teaching How to Build Gigabit-Rate Network Switches and Routers”, IEEE Trans. Education, Vol 51, pp. 364-369, August 2008.
[5] NetFPGA:NetFPGA Technical Specifications。http://www.netfpga.org/php/specs.php。
[6] Stanford University Course:CS344: Building an Internet Router。http://yuba.stanford.edu/cs344/。
[7] N. McKeown, T. Anderson, H. Balakrishnan, G. Parulkar, L. Peterson, J. Rexford, S. Shenker, and J. Turner, “OpenFlow: Enabling Innovation in Campus Networks”, ACM SIGCOMM Computer Communication Review, Vol 38, pp. 69-74, April 2008.
[8] OpenFlow:OpenFlow Switch Specification。http://www.openflow.org/documents/openflow-spec-v1.1.0.pdf。
[9] NOX。http://www.noxrepo.org/。
[10] NOX:NOX API notes。https://github.com/noxrepo/nox-classic/wiki/NOX-API-notes。
[11] NOX:NOX GUI。https://github.com/noxrepo/nox-classic/wiki/NOX-GUI。
[12] B. Bloom, “Space/time trade-offs in hash coding with allowable errors”, Communications of the ACM, Vol 13, pp. 422-426, July 1970.
[13] P. Jokela, A. Zahemszky, C. E. Rothenberg. S. Afianfar, and P. Nikander, “LIPSIN: Line Speed Publish/Subscribe Inter-Networking”, ACM SIGCOMM Computer Communication Review, Vol 39, pp. 195-206, October 2009.
[14] IEEE:IEEE Standards for Local and Metropolitan Area Networks: Virtual Bridged Local Area Networks。http://standards.ieee.org/getieee802/download/802.1Q-1998.pdf。
[15] IETF:RFC 4301: Security Architecture for the Internet Protocol。http://tools.ietf.org/html/rfc4301。
[16] IETF:RFC 6101: The Secure Socket Layer (SSL) Protocol Version 3.0。http://tools.ietf.org/html/rfc6101。
[17] IETF:RFC 6347: Datagram Transport Layer Security Version 1.2。http://tools.ietf.org/html/rfc6347
[18] N. Modadugu, and E. Rescorla, “The Design and Implementation of Datagram TLS”, In Proceedings of ISOC NDSS, 2004.
[19] IETF:RFC3078: Microsoft Point-To-Point Encryption (MPPE) Protocol。http://tools.ietf.org/html/rfc3078。
[20] Microsoft MSDN:Secure Socket Tunneling Protocol (SSTP) Specification。http://msdn.microsoft.com/en-us/library/cc247338%28v=prot.10%29.aspx。
[21] IETF:RFC 4251: The Secure Shell (SSH) Protocol Architecture。http://tools.ietf.org/html/rfc4251。
[22] C. E. Rothenberg, P. Jokela, P. Nikander. “Self-routing Denial-of-Service Resistant Capabilities using In-packet Bloom Filters”, In proceeding of 2009 European Conference on Computer Network Defense, pp. 46-51, November 2009.
[23] Iperf。http://iperf.sourceforge.net/。
[24] Wireshark。http://www.wireshark.org/。
[25] Colasoft Packet Builder。http://www.colasoft.com/packet_builder/。
[26] VideoLan。http://www.videolan.org/。
[27] Xen。http://xen.org/。
[28] vsftpd。https://security.appspot.com/vsftpd.html/
|