Framework Implementation Based on Grid of Smartcards to Authenticate Users and Virtual Machines

Hassane Aissaoui-Mehrez, Pascal Urien, Guy Pujolle

Abstract

The Security for the Future Networks (SecFuNet) project proposes to integrate secure microcontrollers in order to introduce, among its many services, authentication and authorization functions for Cloud and virtual environments. One of the main goals of SecFuNet is to develop a secure infrastructure for virtualized environments and Clouds that provides strong isolation among virtual infrastructures and guarantees that one virtual machine (VM) does not interfere with others. This paper describes the implementation and experimentation of the solution for identifying users and nodes in the SecFuNet architecture. In this implementation, we also employ low-cost smartcards. Only authorized users are allowed to create or instantiate virtual environments. Thus, users and hypervisors are equipped with secure elements, which are used to open TLS secure channels with strong mutual authentication.



Paper Citation


in Harvard Style

Aissaoui-Mehrez H., Urien P. and Pujolle G. (2014). Framework Implementation Based on Grid of Smartcards to Authenticate Users and Virtual Machines. In Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014) ISBN 978-989-758-045-1, pages 285-290. DOI: 10.5220/0005046102850290


in Bibtex Style

@conference{secrypt14,
author={Hassane Aissaoui-Mehrez and Pascal Urien and Guy Pujolle},
title={Framework Implementation Based on Grid of Smartcards to Authenticate Users and Virtual Machines},
booktitle={Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014)},
year={2014},
pages={285-290},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005046102850290},
isbn={978-989-758-045-1},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014)
TI - Framework Implementation Based on Grid of Smartcards to Authenticate Users and Virtual Machines
SN - 978-989-758-045-1
AU - Aissaoui-Mehrez H.
AU - Urien P.
AU - Pujolle G.
PY - 2014
SP - 285
EP - 290
DO - 10.5220/0005046102850290