Virtual machine migration is an essential capability that supports cloud service elasticity. However, there is a big concern on what happens to the security policy associated with the migrated machine. Recently, Software Defined Networking (SDN) has gained momentum in both research and industry. It has shown great potential to be used in cloud data centers, particularly for inter-domains migration of virtual machines. In this paper, we propose a novel framework, to be deployed in an SDN environment that coordinates the mobility of the associated security policy along with the migrated virtual machine. We implemented our framework into a prototype application, called MigApp that runs on top of SDN controllers. Our application interacts with the virtual machine monitor and other instances of MigApp through messaging system to achieve security migration. In order to evaluate our framework, we integrate our application with the Floodlight controller and use it with a simulation environment.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.