Abstract
Network isolation is a critical modern Internet service. To date, network operators have created a logical network of distributed systems to provide communication isolation between different parties. However, the current network isolation is limited in scalability and flexibility. It limits the number of virtual networks and it only supports isolation at host (or virtual-machine) granularity. In this paper, we introduce Scalable Virtual Local Area Networking (SVLAN) that scales to a large number of distributed systems and offers improved flexibility in providing secure network isolation. With the notion of destination-driven reachability and packet-carrying forwarding state, SVLAN not only offers communication isolation but isolation can be specified at different granularities, e.g., per-application or per-process. Our proof-of-concept SVLAN implementation demonstrates its feasibility and practicality for real-world applications.
Cite
CITATION STYLE
Kwon, J., Lee, T., Hähni, C., & Perrig, A. (2020). SVLAN: Secure & Scalable Network Virtualization. In 27th Annual Network and Distributed System Security Symposium, NDSS 2020. The Internet Society. https://doi.org/10.14722/ndss.2020.24162
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
