Implications and Limitations of Securing an InfiniBand Network

Author

Lucas E. Mireles

Date of Award

3-26-2020

Document Type

Thesis

Degree Name

Master of Science in Computer Engineering

Department

Department of Electrical and Computer Engineering

First Advisor

Scott R. Graham, PhD

Abstract

The InfiniBand Architecture is one of the leading network interconnects used in high performance computing, delivering very high bandwidth and low latency. As the popularity of InfiniBand increases, the possibility for new InfiniBand applications arise outside the domain of high performance computing, thereby creating the opportunity for new security risks. In this work, new security questions are considered and addressed. The study demonstrates that many common traffic analyzing tools cannot monitor or capture InfiniBand traffic transmitted between two hosts. Due to the kernel bypass nature of InfiniBand, many host-based network security systems cannot be executed on InfiniBand applications. Those that can impose a significant performance loss for the network. The research concludes that not all network security practices used for Ethernet translate to InfiniBand as previously suggested and that an answer to meeting specific security requirements for an InfiniBand network might reside in hardware offload.

AFIT Designator

AFIT-ENG-MS-20-M-044

DTIC Accession Number

AD1102978

Recommended Citation

Mireles, Lucas E., "Implications and Limitations of Securing an InfiniBand Network" (2020). Theses and Dissertations. 3183.
https://scholar.afit.edu/etd/3183