level. The IVC model is a set of technical virtual connections (TVC); the number and characteristics of these TVCs are determined by the Cartesian product of the information interaction access model (IIM), the access subject model (IMS), and the access object model (IMO) (2).

$$IVC = \{TVC_i\},\ i = \overline{1, N},\qquad TVC_i \subset (IIM \times IMS \times IMO) \qquad (2)$$
This formalization represents the access interaction model IIM as a finite subset whose size is determined by the description of the interconnection subjects permitted under the given access control policy. IMO is characterized by a finite subset of information and network resources to which access is permitted in accordance with the access control policies. IMS describes the operations that the access subject performs within the bounds of IMO, again in accordance with the access control policies.
4 PARALLEL PROCESSING OF VIRTUAL CONNECTIONS
A virtual connection (VC), as an abstraction, exists in parallel with and independently of other virtual connections. Virtual connections do not share any resources, which allows them to be processed in parallel (Zaborovsky, Lukashin, Kupreenko, 2010). The suggested approach to network traffic filtering is based on the concept of a virtual connection and allows the connection context to be extracted. The connection context can be represented as a vector $Y_i$ of parameters, for example source and destination addresses, port, connection status (for the TCP protocol), etc. Controlling the virtual connection means computing the indicator function F, which requires resources such as computing processors and operating memory (3).

$$F(Y_i) \in \{1, 0, *\} \qquad (3)$$

The indicator function F takes the following values: 1 if the VC is allowed; 0 if the VC is forbidden; * if at the current moment it is impossible to determine whether the connection is prohibited or not, in which case the decision is postponed and the VC is temporarily allowed.
The computing problems can be divided into two groups:
1. Stream-related tasks that can be computed on SIMD processing elements (for example, on graphics processors using CUDA).
2. Computational problems solved on standard multicore MIMD computers.
Because the distributed environment is heterogeneous with respect to the available processing elements, both streaming SIMD processors and classic MIMD multicore processors can be used for firewall tasks in cloud systems. Firewalls that protect the hypervisor operate in the virtualized environment; thus the configuration of the protection device (computing cores, memory, streaming processing elements) can be changed depending on the load, the access policies, and the amount of available resources.
Calculation of the indicator function F can be decomposed into multiple computing processes $\{F_i\}$. In this case the problem of VC control can be described by the graph G(Q, X), called the VC control information graph (a detailed description of stream tasks by graphs can be found in (Kaliaev, Levin, Semernikov and Shmoylov, 2008)). The VC control information graph consists of a set of nodes, each attributed with an operation $F_i$. If two nodes $q_i$ and $q_{i+1}$ are connected by an arc, then the result of operation $F_i$ is the input of operation $F_{i+1}$. Each node also has an arc corresponding to the case $F_i = 0$: the VC is then considered prohibited and no further analysis is performed.
The multiprocessor computing system that solves the firewall problems can be represented as a full-mesh computation system graph with MIMD and stream computers as its nodes. The graph is a full mesh because communication between CPUs is provided by the hardware and the operating system: there is no predefined path between the cores, and data can pass directly from one node to another. Usually the computation system graph and the control information graph do not match, because the amount of computing resources is limited and smaller than the number of computational processes.
We can split the VC control graph into N non-overlapping subgraphs and thus build a VC processing pipeline. Because the virtual connections exist separately from each other, we can process them in parallel. With C compute nodes of MIMD type, the processing time of a VC is bounded by (4).
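As an added worked example (not code from the paper), the following Python sketch ties together the access model of (2), the three-valued indicator function of (3) and the VC control information graph described above: F is decomposed into stages F_1, F_2, F_3 chained in order, the F_i = 0 arc stops analysis, a * result leaves the VC temporarily allowed with its decision postponed, and independent VCs are dispatched in parallel to a pool of C worker nodes. The sets IIM, IMS, IMO, the permitted TVC subset, the stage functions and the sample connection contexts are all constructed assumptions for illustration; the paper does not prescribe any of them.

```python
import ipaddress
from concurrent.futures import ThreadPoolExecutor
from dataclasses import dataclass

ALLOW, DENY, DEFER = 1, 0, "*"      # values of the indicator function F, see (3)

# Access model from (2): a permitted TVC is an element of IIM x IMS x IMO.
# The sets below are a constructed sample policy, not the paper's.
IIM = {"tcp", "udp"}                                    # interaction types
IMS = {ipaddress.ip_network("10.0.0.0/24"),
       ipaddress.ip_network("10.0.1.0/24")}             # access subjects (source nets)
IMO = {("192.0.2.10", 443), ("192.0.2.20", 53)}         # access objects (dst, port)
PERMITTED_TVC = {                                       # the subset allowed by policy
    ("tcp", ipaddress.ip_network("10.0.0.0/24"), ("192.0.2.10", 443)),
    ("udp", ipaddress.ip_network("10.0.1.0/24"), ("192.0.2.20", 53)),
}
# Sanity check of (2): the permitted TVCs lie inside the Cartesian product.
assert PERMITTED_TVC <= {(a, s, o) for a in IIM for s in IMS for o in IMO}


@dataclass(frozen=True)
class Context:
    """Connection context vector Y_i of one virtual connection."""
    proto: str
    src: str
    dst: str
    dport: int
    tcp_state: str = ""      # e.g. "SYN" or "ESTABLISHED"; empty for UDP


def subject_of(ctx):
    """Map the source address to its IMS element, or None if it matches none."""
    addr = ipaddress.ip_address(ctx.src)
    return next((net for net in IMS if addr in net), None)


# Stages F_i of the VC control information graph. Each returns ALLOW, DENY or DEFER.
def f_syntax(ctx):
    """F_1: a malformed context vector is rejected outright."""
    if ctx.proto not in IIM or not 0 < ctx.dport < 65536:
        return DENY
    return ALLOW


def f_policy(ctx):
    """F_2: the TVC (interaction, subject, object) must be in the permitted subset."""
    subj = subject_of(ctx)
    if subj is None or (ctx.proto, subj, (ctx.dst, ctx.dport)) not in PERMITTED_TVC:
        return DENY
    return ALLOW


def f_tcp_state(ctx):
    """F_3: for TCP a final verdict needs an established connection; during the
    handshake the decision is postponed (the * value of F)."""
    if ctx.proto != "tcp":
        return ALLOW
    return ALLOW if ctx.tcp_state == "ESTABLISHED" else DEFER


STAGES = (f_syntax, f_policy, f_tcp_state)     # arcs q_1 -> q_2 -> q_3


def control(ctx, stages=STAGES):
    """Walk the chain F_1 -> F_2 -> ...; returns (verdict, stages evaluated).
    A DENY takes the F_i = 0 arc and ends analysis; a DEFER keeps the VC
    temporarily allowed while later stages still run (and may still deny)."""
    verdict = ALLOW
    for depth, stage in enumerate(stages, 1):
        result = stage(ctx)
        if result == DENY:
            return DENY, depth
        if result == DEFER:
            verdict = DEFER
    return verdict, len(stages)


def process_all(contexts, workers=4):
    """VCs share no state, so they can be controlled in parallel on C workers."""
    with ThreadPoolExecutor(max_workers=workers) as pool:
        return list(pool.map(control, contexts))


# Constructed sample connections (assumed, for illustration).
SAMPLE = [
    Context("tcp", "10.0.0.5", "192.0.2.10", 443, "ESTABLISHED"),  # allowed
    Context("udp", "10.0.1.7", "192.0.2.20", 53),                  # allowed
    Context("tcp", "10.0.1.7", "192.0.2.10", 443, "ESTABLISHED"),  # subject not permitted
    Context("tcp", "10.0.0.5", "192.0.2.10", 443, "SYN"),          # decision postponed
    Context("tcp", "10.0.0.5", "192.0.2.10", 70000),               # malformed port
]

if __name__ == "__main__":
    for ctx, (verdict, depth) in zip(SAMPLE, process_all(SAMPLE)):
        print(f"{ctx.proto} {ctx.src}->{ctx.dst}:{ctx.dport} "
              f"{ctx.tcp_state or '-':12} F={verdict} after {depth} stage(s)")
```

Splitting `STAGES` into N contiguous segments and assigning each segment to its own node is the pipeline split described above; the per-VC logic is unchanged because no state is shared between contexts, which is also what makes `process_all` safe to run across workers.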
ACCESS ISOLATION MECHANISM BASED ON VIRTUAL CONNECTION MANAGEMENT IN CLOUD SYSTEMS
- How to Secure Cloud System using High Perfomance Virtual Firewalls
373