Open this publication in new window or tab >>2020 (English)In: Proceedings of SNCNW 2020: 16th Swedish National Computer Networking Workshop, SNCNW, Kristianstad, 2020Conference paper, Published paper (Refereed)
Abstract [en]
When exposed to the network, applications and devices are exposed to constant security risks. This puts pressure on hardware and software vendors to test even more than before how secure applications and devices are before being released to customers.
We have worked towards defining and developing a frame- work for automated security testbeds. Testbeds comprise both the ability to build on-demand virtual isolated networks that emulate corporate networks, as well as the ability to automate security breach scenarios, which accelerates the testing process. In order to accomplish both features of the testbed, we have based the framework on well-established cloud and orchestration technologies e. g. , OpenStack and Ansible. Although many of these technologies are powerful, they are also complex, leading to a steep learning curve for new users. Thus, one of the main goals of the developed framework is to hide the underlying complexities through a template approach and a simplified user interface that shortens the initial training time.
In this paper, we present the full stack of technologies that were used for constructing the testbed framework. The framework allows us to create entire virtual networks and to manipulate network devices started in it, via comprehensive yet simple interfaces. Also, we describe a specific testbed solution, developed as a part of the Test Arena Blekinge project.
Keywords
Security Testbed, Cloud Infrastructures, Infrastructure as a Service, Infrastructure as Code
National Category
Computer Systems
Identifiers
urn:nbn:se:bth-19621 (URN)
Conference
16th Swedish National Computer Networking Workshop, SNCNW, Kristianstad
Note
open access
2020-06-092020-06-092021-10-06Bibliographically approved