Supervision : Guy PUJOLLE

Co-supervision : NOGUEIRA Michèle

Network Security Management Using a Novel Firewall Cloud-Based Service

Cloud computing has evolved over the last decade from a simple storage service for more complex services, offering the software as a service (SaaS) platforms as a service (PaaS) and most recently the security as a service (SECaaS). In our work, we started with the simple idea to use the resources offered by the Cloud with a low financial cost to propose new architectures of security service.
The security of virtual environments is a major issue for the deployment of the use of the Cloud. Unfortunately, these environments are composed of a set of already existing technologies used in a new way, many security solutions are only traditional reconditioned solutions to solve the Cloud and virtual networks security issues.
The work done in this thesis is a response to the resource limitations of physical security devices such as firewalls and propose new security architectures consist of management of network security in the cloud-based services following Security as a Service model and propose novel architectures for managing these services.
We took the initiative to propose a completely Cloud-Based architecture. The latter allows a cloud provider to provide firewalling service to its customers. It asks them to subscribe to the offer by guaranteeing treatment (analysis) with a capacity of bandwidth traffic with functional filtering rules and other proposed by the subscriber.
The results demonstrated the ability of our architecture to manage and cope with network DDoS attacks and to increase analytical capacity by distributing traffic over multiple virtual.

2012-2016 Publications

• 2016
  • N. El Madhoun, F. Guenane, G. Pujolle : “An Online Security Protocol for NFC Payment Formally Analyzed by The Scyther Tool”, The Second IEEE International Conference On Mobile And Secure Services, Gainesville, Florida, United States (2016)
• 2015
  • N. El Madhoun, F. Guenane, G. Pujolle : “A Cloud-Based Secure Authentication Protocol for Contactless-NFC Payment”, Cloud Networking (CloudNet), 2015 IEEE 4^th International Conference on, Niagara Falls, Canada, pp. 328-330 (2015)
  • F. Guenane, Ah. Serhrouchni, G. Pujolle : “An Authentication Architecture for Cloud-Based Firewalling Service”, First Conference on Mobile and Secure Services (MOBISECSERV 2015), Gainesville, Florida, United States, (IEEE) (2015)
• 2014
  • F. Guenane : “Gestion de la sécurité des réseaux à l’aide d’un service innovant de Cloud Based Firewall”, thesis, defence 10/13/2014, supervision Pujolle, Guy, co-supervision : Nogueira, Michèle (2014)
  • N. El Madhoun, F. Guenane, G. Pujolle : “AN INNOVATIVE CLOUD-BASED RFID TRACEABILITY ARCHITECTURE AND SERVICE”, The 5^th International Conference On Network of the Future, Paris, France, pp. 1-5 (2014)
  • F. Guenane, M. Nogueira Lima, G. Pujolle : “A Hybrid Architecture to Manage Performance and Reliability on Cloud-Based Firewalling”, IEEE/IFIP Network Operations and Management Symposium, NOMS 2014, Krakow, Poland, pp. 1-5, (IEEE) (2014)
• 2012
  • M. Msahli, G. Pujolle, Ah. Serhrouchni, Ah. Fadlallah, F. Guenane : “Openflow and on demand networks”, 2012 Third International Conference on the Network of the Future (NOF), Tunis, Tunisia, pp. 1-5, (IEEE) (2012)
  • F. Guenane, G. Pujolle : “Strong virtual network authentication using EAP-TLS smart-cards”, Cloud Networking (CLOUDNET), 2012 IEEE 1^st International Conference on Cloud Networking, Paris, France, pp. 197-199, (IEEE) (2012)