Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Flowrider: Fast On-Demand Key Provisioning for Cloud Networks
RISE Research Institutes of Sweden. Lund University, Sweden.ORCID iD: 0000-0003-0132-857x
RISE Research Institutes of Sweden, Digital Systems, Data Science.ORCID iD: 0000-0001-8842-9810
Lund University, Sweden.
Lund University, Sweden.
2021 (English)In: International Conference on Security and Privacy in Communication SystemsSecureComm 2021: Security and Privacy in Communication Networks pp 207-228, Springer Science and Business Media Deutschland GmbH , 2021, p. 207-228Conference paper, Published paper (Refereed)
Abstract [en]

Increasingly fine-grained cloud billing creates incentives to review the software execution footprint in virtual environments. For example, virtual execution environments move towards lower overhead: from virtual machines to containers, unikernels, and serverless cloud computing. However, the execution footprint of security components in virtualized environments has either remained the same or even increased. We present Flowrider, a novel key provisioning mechanism for cloud networks that unlocks scalable use of symmetric keys and significantly reduces the related computational load on network endpoints. We describe the application of Flowrider to common transport security protocols, the results of its formal verification, and its prototype implementation. Our evaluation shows that Florwider uses up to an order of magnitude less CPU to establish a TLS session while preventing by construction some known attacks.

Place, publisher, year, edition, pages
Springer Science and Business Media Deutschland GmbH , 2021. p. 207-228
Keywords [en]
Cloud security, Key management, Network security, Secure communication, Software defined networking, Cloud computing, Cloud data security, Virtual reality, Cloud networks, Cloud securities, Fine grained, Key-management, Low overhead, Networks security, On demands, Software execution, Software-defined networkings, Virtual execution environments
National Category
Computer Systems
Identifiers
URN: urn:nbn:se:ri:diva-57358DOI: 10.1007/978-3-030-90022-9_11Scopus ID: 2-s2.0-85120078340ISBN: 9783030900212 (print)OAI: oai:DiVA.org:ri-57358DiVA, id: diva2:1623459
Conference
International Conference on Security and Privacy in Communication SystemsSecureComm 2021. 6 September 2021 through 9 September 2021
Note

Funding details: 952652; Funding details: Horizon 2020 Framework Programme, H2020; Funding details: Stiftelsen för Strategisk Forskning, SSF, RIT17-0035; Funding details: VINNOVA; Funding text 1: Acknowledgments. This work was financially supported in part by the Swedish Foundation for Strategic Research, with the grant RIT17-0035; by the H2020 project SIFIS-Home (Grant agreement 952652); VINNOVA and the CelticNext project CRI-TISEC and by the Wallenberg AI, Autonomous Systems and Software Program (WASP).

Available from: 2021-12-29 Created: 2021-12-29 Last updated: 2023-05-25Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records

Paladi, NicolaeTiloca, Marco

Search in DiVA

By author/editor
Paladi, NicolaeTiloca, Marco
By organisation
RISE Research Institutes of SwedenData Science
Computer Systems

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 138 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf