Abstract
ProtoGENI is one of the prototype implementations of global environment for network innovations (GENI). ProtoGENI proposes and executes the GENI control framework, including resource management and allocation for authenticated and authorized experimenters. Security and inevitably are the most important concerns in the whole development process. In this paper, we study and evaluate its security vulnerabilities according to GENI's security goals. We analyze the threat model of ProtoGENI and categorize four broad classes of attacks. Based on the role of an active experimenter, we demonstrate experiments as proof of the concept that each class of attacks can be successfully launched using common open source network tools. We also present analysis and experiments that show perspectives on the potential risks from an external user. Furthermore, we discuss the feasibility and possible defense strategies on ProtoGENI security with respect to our preliminary experiments and potential future directions. Our contribution lies in examining known vulnerabilities without requiring sophisticated experiments while remaining effective. We have reported our findings to the ProtoGENI Team. Our work indicates that the solutions have been deployed. This paper validates that experiment-based vulnerability exploration is necessary.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
