HAN Zhenyang, CHEN Xingshu, HU Liang, CHEN Lin. Communication access control method based on software defined networking for virtual machines in IaaS platforms[J]. Journal of Computer Applications, 2015, 35(5): 1262-1266.
[1] MELL P, GRANCE T. The NIST definition of cloud computing, NIST SP 800-145[R]. Gaithersburg: National Institute of Standards and Technology, 2011: 1-7. [2] ONF Market Education Committee. Software-defined networking: the new norm for networks[M]. Palo Alto, California: Open Networking Foundation, 2012:1-12. [3] ETSI. Network function virtualization introductory white paper [EB/OL]. [2014-08-10]. http://portal.etsi.org/nfv/nfv_white_paper.pdf. [4] JANSEN W, GRANCE T. Guidelines on security and privacy in public cloud computing, NIST SP 800-144[J]. Gaithersburg: National Institute of Standards and Technology, 2011:23-24. [5] ARCHER J, BOEHM A. Security guidance for critical areas of focus in cloud computing v3.0[R/OL].[2014-06-20].https://cloudsecurityalliance.org/csaguide.pdf. [6] CATTEDDU D, HOGBEN G. Cloud computing: information assurance framework[C/OL] .[2014-06-20].http://www.enisa.europa.eu/act/rm/files/deliverables/cloud-computing-information-assurance-framework. [7] VMware, Inc. Next generation security with VMware NSX and Palo Alto networks VM-series [EB/OL]. [2014-09-20]. http://www.vmware.com/files/pdf/products/nsx/NSX-Palo-Alto-Networks-WP.pdf. [8] Internetworking task groups of IEEE 802.1. 802.1Qbg-edge virtual bridging [EB/OL]. [2014-12-31].http://www.ieee802.org/1/pages/ 802.1bg.html. [9] Internetworking task groups of IEEE 802.1. 802. 1BR-bridge port extension [EB/OL]. [2014-12-31].http://www.ieee802.org/1/ pages/802.1br.html. [10] TANG H, WANG J. Access control method: China, 103701822A[P] . 2014-04-02.(唐焕焕, 王军林. 访问控制方法: 中国, 103701822A[P] . 2014-04-02) . [11] Open Netwroking Foundation. OpenFlow switch specification 1.3.1[EB/OL]. [2014-08-01].https://www.opennetworking.org/images/stories/downloads/specification/openflow-spec-v1.3.1.pdf. [12] MAHALINGAM M, DUTT D, DUDA K, et al. VxLAN: a framework for overlaying virtualized layer 2 networks over layer 3 networks[EB/OL]. [2014-08-01]. http://tools.ietf.org/html/draft-mahalingam-dutt-dcops-vxlan-04. [13] SRIDHARAN M, WANG Y, GRAG P, et al. NVGRE: network virtualization using generic routing encapsulation [EB/OL]. [2014-08-01]. http://tools.ietf.org/html/draft-sridharan-virtualization-nvgre-03. [14] DAVIE B. STT: a stateless transport tunneling protocol for network virtualization[EB/OL]. [2014-08-15]. http://tools.ietf.org/html/draft-davie-stt-03. [15] CHEN L, CHEN X, JIANG J, et al. The research and practice of dynamic network security architecture for IaaS platform[J]. Tsinghua Science and Technology, 2014, 19(5):496-507. [16] THAMES J L, ABLER R, KEELING D. A distributed firewall and active response architecture providing preemptive protection[C]// Proceedings of the 46th Annual Southeast Regional Conference on XX. New York: ACM, 2008: 220-225.