Isolation in modern networks and services

Project Details


Firewalls in computer networks implement isolation and filter connections, and they are usually deployed as part of a defense-in-depth strategy. This established design is challenged by developments in network and service architectures. Both computing platforms and networks have become more complex with increased physical and logical distribution, layers of virtualization, and dynamic configurations. Many products claim to enforce isolation in such systems, but it is difficult to understand what they really achieve. We will develop methods and tools for analyzing internal firewall-like isolation policies in the modern service and network architectures. The main targets for the analysis are cloud applications with the microservice architecture, and isolation mechanisms for untrusted smart appliances in local networks. The outcome is testing methods and tools that make connectivity and isolation between the system components visible to a security analyst and to the software developer.
Effective start/end date01/01/202231/12/2024


Explore the research topics touched on by this project. These labels are generated based on the underlying awards/grants. Together they form a unique fingerprint.
  • Analyzing Microservice Connectivity with Kubesonde

    Bufalino, J., Di Francesco, M. & Aura, T., 30 Nov 2023, ESEC/FSE 2023: Proceedings of the 31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering. Chandra, S., Blincoe, K. & Tonella, P. (eds.). New York: ACM, p. 2038–2043 6 p.

    Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

    Open Access
    37 Downloads (Pure)