Implications and Limitations of Securing an Infiniband Network

Abstract

The InfiniBand Architecture is one of the leading network interconnects used in high performance computing, delivering very high bandwidth and low latency. As the popularity of InfiniBand increases, the possibility for new InfiniBand applications arise outside the domain of high performance computing, thereby creating the opportunity for new security risks. In this work, new security questions are considered and addressed. The study demonstrates that many common traffic analyzing tools cannot monitor or capture InfiniBand traffic transmitted between two hosts. Due to the kernel bypass nature of InfiniBand, many host-based network security systems cannot be executed on InfiniBand applications. Those that can impose a significant performance loss for the network. The research concludes that not all network security practices used for Ethernet translate to InfiniBand as previously suggested and that an answer to meeting specific security requirements for an InfiniBand network might reside in hardware offload.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Mar 26, 2020
Accession Number
AD1102978

Entities

People

  • Lucas E Mireles

Organizations

  • Air Force Institute of Technology

Tags

Communities of Interest

  • Advanced Electronics
  • Cyber
  • Energy and Power Technologies

DTIC Thesaurus Topics

  • Air Force
  • Application-Specific Integrated Circuits
  • Computer Communications
  • Computer Languages
  • Computer Network Security
  • Computer Networks
  • Computer Programming
  • Computer Security Techniques
  • Computers
  • Cybersecurity
  • Data Transmission
  • Field Programmable Gate Arrays
  • Information Security
  • Network Protocols
  • Operating Systems
  • Security Protocols
  • Software Defined Networks

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Parallel and Distributed Computing.

Technology Areas

  • Cyber