Nov 2012 - Paper: BlueShield: A Layer 2 Appliance for Enhanced Isolation and Security Hardening among Multi-tenant Cloud Workloads

Enhanced Isolation and Security (EIS) in a cloud are of significant concern. Many organizations are hesitant in migrating to a cloud based infrastructure due to the perceived limitations with EIS. Earlier, we had presented the quantitative risk and impact assessment framework (QUIRC) [1]. QUIRC can be used to assess the security risks associated with the cloud computing platforms. In the present work, design and implementation of Blue Shield is presented. Blue Shield is a Layer2 appliance for an EIS hardening among multi-tenant cloud workloads. Blue Shield architecture provides EIS, significantly reducing the threats faced by the tenants in a cloud environment. EIS provided by Blue Shield is validated using a proof of concept implementation. Then shortcomings of the various present approaches in addressing the identified security threats are explained. It is shown that the present security applications, deployed in a non-cloud environment, do not require modification during migration to Blue Shield based clouds. Furthermore, the proposed design provides high level of protection among the VMs in the same VLAN.

Download: IEEE link, Local copy

A patent on same was granted with title - "Isolation and security hardening among workloads in a multi-tenant networked environment" - US 8,832,820 B2

July 2011 - Paper: A novel Network architecture for Cognitive Wireless Sensor Network

Recent advances in wireless communications and electronics have enabled the development of low cost, low power, multi-functional sensor nodes that are small in size. These nodes coordinate to perform distributed sensing in various fields such as health, military, home etc. But these small devices in Wireless Sensor Network (WSN) are still limited with some constrains, and efforts are required to increase the lifetime and other performance measures of the network. On the other hand, with recent advances in Cognitive Radio (CR) technology, it is possible to apply the Dynamic Spectrum Access (DSA) model in WSNs to get better throughput, even in congested spectrum along with better propagation characteristics. This paper proposes a novel architecture for Cognitive-WSN which consists of a Forest of Distributed Minimum Spanning Trees. Paper also shows that this multilevel network provides fault tolerance, admits simple routing, and offers easy extensibility with power efficiency.

Download: IEEE link, Local copy