TY - GEN
T1 - Designing security-aware service requests for NFV-enabled Networks
AU - Jmila, Houda
AU - Blanc, Gregory
N1 - Publisher Copyright:
© 2019 IEEE.
PY - 2019/7/1
Y1 - 2019/7/1
N2 - Network Function Virtualization (NFV) is a recent concept where virtualization enables the shift from network functions (e.g., routers, switches, load-balancers, proxies) on specialized hardware appliances to software images running on all-purpose, high-volume servers. The resource allocation problem in the NFV environment has received considerable attention in the past years. However, little attention was paid to the security aspects of the problem in spite of the increasing number of vulnerabilities faced by cloud-based applications. Securing the services is an urgent need to completely benefit from the advantages offered by NFV. In this paper, we show how a network service request, composed of a set of service function chains (SFC) should be modified and enriched to take into consideration the security requirements of the supported service. We examine the well-known security best practices and propose a two-step algorithm that extends the initial SFC requests to a more complex chaining model that includes the security requirements of the service.
AB - Network Function Virtualization (NFV) is a recent concept where virtualization enables the shift from network functions (e.g., routers, switches, load-balancers, proxies) on specialized hardware appliances to software images running on all-purpose, high-volume servers. The resource allocation problem in the NFV environment has received considerable attention in the past years. However, little attention was paid to the security aspects of the problem in spite of the increasing number of vulnerabilities faced by cloud-based applications. Securing the services is an urgent need to completely benefit from the advantages offered by NFV. In this paper, we show how a network service request, composed of a set of service function chains (SFC) should be modified and enriched to take into consideration the security requirements of the supported service. We examine the well-known security best practices and propose a two-step algorithm that extends the initial SFC requests to a more complex chaining model that includes the security requirements of the service.
KW - Network Function Virtualization (NFV)
KW - Resource Allocation
KW - Security
KW - Service Function chaining (SFC)
U2 - 10.1109/ICCCN.2019.8847058
DO - 10.1109/ICCCN.2019.8847058
M3 - Conference contribution
AN - SCOPUS:85073143997
T3 - Proceedings - International Conference on Computer Communications and Networks, ICCCN
BT - ICCCN 2019 - 28th International Conference on Computer Communications and Networks
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 28th International Conference on Computer Communications and Networks, ICCCN 2019
Y2 - 29 July 2019 through 1 August 2019
ER -