Abstract
Today most of the desktops, laptops are being shipped with the TPM and Virtualisation technology is widely being deployed. On the other hand, we are witnessing an increasing number of zero day attacks. Our analysis confirms that Local Area Networks are highly vulnerable to such attacks since there is free communication between the hosts in the LAN. A single compromised host can severely degrade the services in the traditional LAN and it is extremely difficult task for the security administrator to determine the compromised host that is generating attack traffic. In this paper we propose techniques to enhance the security in traditional LAN by making use of the trusted computing and virtualisation technologies. Often virtualisation is considered as a technology which enables to run multiple computers on a single server. We will show that virtualisation technology has significant benefits even if a single virtual machine is hosted on each VMM. Our model enables the security administrator to enforce security policies on the traffic that can be placed on the LAN medium. Hence our model efficiently deals with the attack at the VMM that is hosting the compromised virtual machine. The security can be enhanced furthermore by using the TPM technology to secure the virtualized local area networks. We will also present detail analysis of different cases scenarios on how the proposed model can enhance the security of the local area networks. There are several advantages with our model. Emerging attacks such as Conficker remain dormant in our proposed architecture in order to avoid detection. Hence our model can transform the highly vulnerable traditional LANs into trust enhanced and secure virtualized local area networks.
Original language | English |
---|---|
Title of host publication | TrustCom 2011 |
Subtitle of host publication | 2011 international joint conference of IEEE TrustCom-11/IEEE ICESS-11/FCST-11: 16-18 November 2011, Changsha, Hunan, P. R. China |
Editors | Guojun Wang, Stephen R. Tate, Jian-Jia Chen, Kouichi Sakurai |
Place of Publication | Los Alamitos, Calif |
Publisher | Institute of Electrical and Electronics Engineers (IEEE) |
Pages | 606-612 |
Number of pages | 7 |
ISBN (Print) | 9780769546001 |
DOIs | |
Publication status | Published - 2011 |
Event | 10th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom 2011), 8th IEEE International Conference on Embedded Software and Systems (ICESS 2011), 6th International Conference on Frontier of Computer Science and Technology (FCST 2011) - Changsha, China Duration: 16 Nov 2011 → 18 Nov 2011 |
Other
Other | 10th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom 2011), 8th IEEE International Conference on Embedded Software and Systems (ICESS 2011), 6th International Conference on Frontier of Computer Science and Technology (FCST 2011) |
---|---|
Country/Territory | China |
City | Changsha |
Period | 16/11/11 → 18/11/11 |