Solving security constraints for 5G slice embedding: A proof-of-concept

François Boutigny; Stéphane Betgé-Brezetz; Gregory Blanc; Antoine Lavignotte; Hervé Debar; Houda Jmila

doi:10.1016/j.cose.2019.101662

Solving security constraints for 5G slice embedding: A proof-of-concept

François Boutigny
, Stéphane Betgé-Brezetz
, Gregory Blanc
, Antoine Lavignotte
, Hervé Debar
, Houda Jmila

Research output: Contribution to journal › Article › peer-review

Abstract

Network slicing is a prominent feature of 5G, which allow tenants to rent network and computing virtual resources from one or more Infrastructure Providers (InPs). Those resources are allocated according to tenants requirements, not only in terms of QoS but also in terms of security. In this paper, we build on our previous work to propose and evaluate a security-aware slice embedding implementation which enables tenants to declare security-oriented requirements, while limiting InP network information disclosure. To do so we improve our requirement model so that it becomes compatible with an Satisfiability Modulo Theories (SMT) formulation. Our implementation distinguishes two sub-problems, one for the intra-domain level (inside each InP) and one for the inter-domain level (in between the InPs). We leverage those sub-problems in a multi-level resolution algorithm to generate all multi-domain slice embeddings.

Original language	English
Article number	101662
Journal	Computers and Security
Volume	89
DOIs	https://doi.org/10.1016/j.cose.2019.101662
Publication status	Published - 1 Feb 2020

Keywords

5G Security
Network slicing
Network virtualization
Satisfiability modulo theories
Virtual network embedding

Access to Document

10.1016/j.cose.2019.101662

Cite this

@article{6ebadb1ff2b14301b1f0f6035bc73c5e,

title = "Solving security constraints for 5G slice embedding: A proof-of-concept",

abstract = "Network slicing is a prominent feature of 5G, which allow tenants to rent network and computing virtual resources from one or more Infrastructure Providers (InPs). Those resources are allocated according to tenants requirements, not only in terms of QoS but also in terms of security. In this paper, we build on our previous work to propose and evaluate a security-aware slice embedding implementation which enables tenants to declare security-oriented requirements, while limiting InP network information disclosure. To do so we improve our requirement model so that it becomes compatible with an Satisfiability Modulo Theories (SMT) formulation. Our implementation distinguishes two sub-problems, one for the intra-domain level (inside each InP) and one for the inter-domain level (in between the InPs). We leverage those sub-problems in a multi-level resolution algorithm to generate all multi-domain slice embeddings.",

keywords = "5G Security, Network slicing, Network virtualization, Satisfiability modulo theories, Virtual network embedding",

author = "Fran{\c c}ois Boutigny and St{\'e}phane Betg{\'e}-Brezetz and Gregory Blanc and Antoine Lavignotte and Herv{\'e} Debar and Houda Jmila",

note = "Publisher Copyright: {\textcopyright} 2019",

year = "2020",

month = feb,

day = "1",

doi = "10.1016/j.cose.2019.101662",

language = "English",

volume = "89",

journal = "Computers and Security",

issn = "0167-4048",

}

TY - JOUR

T1 - Solving security constraints for 5G slice embedding

T2 - A proof-of-concept

AU - Boutigny, François

AU - Betgé-Brezetz, Stéphane

AU - Blanc, Gregory

AU - Lavignotte, Antoine

AU - Debar, Hervé

AU - Jmila, Houda

PY - 2020/2/1

Y1 - 2020/2/1

N2 - Network slicing is a prominent feature of 5G, which allow tenants to rent network and computing virtual resources from one or more Infrastructure Providers (InPs). Those resources are allocated according to tenants requirements, not only in terms of QoS but also in terms of security. In this paper, we build on our previous work to propose and evaluate a security-aware slice embedding implementation which enables tenants to declare security-oriented requirements, while limiting InP network information disclosure. To do so we improve our requirement model so that it becomes compatible with an Satisfiability Modulo Theories (SMT) formulation. Our implementation distinguishes two sub-problems, one for the intra-domain level (inside each InP) and one for the inter-domain level (in between the InPs). We leverage those sub-problems in a multi-level resolution algorithm to generate all multi-domain slice embeddings.

AB - Network slicing is a prominent feature of 5G, which allow tenants to rent network and computing virtual resources from one or more Infrastructure Providers (InPs). Those resources are allocated according to tenants requirements, not only in terms of QoS but also in terms of security. In this paper, we build on our previous work to propose and evaluate a security-aware slice embedding implementation which enables tenants to declare security-oriented requirements, while limiting InP network information disclosure. To do so we improve our requirement model so that it becomes compatible with an Satisfiability Modulo Theories (SMT) formulation. Our implementation distinguishes two sub-problems, one for the intra-domain level (inside each InP) and one for the inter-domain level (in between the InPs). We leverage those sub-problems in a multi-level resolution algorithm to generate all multi-domain slice embeddings.

KW - 5G Security

KW - Network slicing

KW - Network virtualization

KW - Satisfiability modulo theories

KW - Virtual network embedding

UR - https://www.scopus.com/pages/publications/85075263147

U2 - 10.1016/j.cose.2019.101662

DO - 10.1016/j.cose.2019.101662

M3 - Article

AN - SCOPUS:85075263147

SN - 0167-4048

VL - 89

JO - Computers and Security

JF - Computers and Security

M1 - 101662

ER -

Solving security constraints for 5G slice embedding: A proof-of-concept

Abstract

Keywords

Access to Document

Other files and links

Fingerprint

Cite this