| With the development of cloud computing, the research of virtualization technology has become more and more important. Virtualization technology, abstracting the physical hardware, provides a unified interface to the outside world as resource pools. Virtualization technology can improve the usage of hardware, simplify the process of configuration. Also, networking virtualization depress the dependency of hardware and the cost of building a local area network.Virtualization technology also brought a series of security issues, such as shared memory virtualized VMs increases the risk of information leakage, Hypervisor manage virtual machines, also bring risks to its guest virtual machine. Traditional network security devices can’t see the traffic flow inside a physical machine bring risks too.This paper focuses on the virtual network access control policy research, increasing fine-grained access control policies. And Open vSwitch as the specific object of study. This paper analyzes the virtual OpenFlow switch architecture to study the Controller’s working process, followed by the study of the Open vSwitch switch functions, and focuses on the Open vSwitch to protocol-based OpenFlow control-switch mechanism, and its access control rules, and then modify the controller in the access control policy, increasing its size, through strategic management, dynamic adjustment rule strategy to adapt to the dynamic changes of virtualized environments. The experiments show that, after the custom access control policies can be more refined network access control, and virtual machine migration can also update its access control policy to adapt to dynamic change, to ensure that access control policies even after the virtual machine migration continue to play a role. |
PDF Full Text Request