About | Contact Us | Register | Login
ProceedingsSeriesJournalsSearchEAI
Security and Privacy in Communication Networks. 17th EAI International Conference, SecureComm 2021, Virtual Event, September 6–9, 2021, Proceedings, Part II

Research Article

Flowrider: Fast On-Demand Key Provisioning for Cloud Networks

Download(Requires a free EAI acccount)
6 downloads
Cite
BibTeX Plain Text
  • @INPROCEEDINGS{10.1007/978-3-030-90022-9_11,
        author={Nicolae Paladi and Marco Tiloca and Pegah Nikbakht Bideh and Martin Hell},
        title={Flowrider: Fast On-Demand Key Provisioning for Cloud Networks},
        proceedings={Security and Privacy in Communication Networks. 17th EAI International Conference, SecureComm 2021, Virtual Event, September 6--9, 2021, Proceedings, Part II},
        proceedings_a={SECURECOMM PART 2},
        year={2021},
        month={11},
        keywords={Network security Software defined networking Secure communication Key management Cloud security},
        doi={10.1007/978-3-030-90022-9_11}
    }
    
  • Nicolae Paladi
    Marco Tiloca
    Pegah Nikbakht Bideh
    Martin Hell
    Year: 2021
    Flowrider: Fast On-Demand Key Provisioning for Cloud Networks
    SECURECOMM PART 2
    Springer
    DOI: 10.1007/978-3-030-90022-9_11
Nicolae Paladi,*, Marco Tiloca, Pegah Nikbakht Bideh, Martin Hell
    *Contact email: nicolae.paladi@eit.lth.se

    Abstract

    Increasingly fine-grained cloud billing creates incentives to review the software execution footprint in virtual environments. For example, virtual execution environments move towards lower overhead: from virtual machines to containers, unikernels, and serverless cloud computing. However, the execution footprint of security components in virtualized environments has either remained the same or even increased. We present Flowrider, a novel key provisioning mechanism for cloud networks that unlocks scalable use of symmetric keys and significantly reduces the related computational load on network endpoints. We describe the application of Flowrider to common transport security protocols, the results of its formal verification, and its prototype implementation. Our evaluation shows that Florwider uses up to an order of magnitude less CPU to establish a TLS session while preventing by construction some known attacks.

    Keywords
    Network security Software defined networking Secure communication Key management Cloud security
    Published
    2021-11-04
    Appears in
    SpringerLink
    http://dx.doi.org/10.1007/978-3-030-90022-9_11
    Copyright © 2021–2025 ICST
    EBSCOProQuestDBLPDOAJPortico
    EAI Logo

    About EAI

    • Who We Are
    • Leadership
    • Research Areas
    • Partners
    • Media Center

    Community

    • Membership
    • Conference
    • Recognition
    • Sponsor Us

    Publish with EAI

    • Publishing
    • Journals
    • Proceedings
    • Books
    • EUDL