Visible to the public Designing Security-Aware Service Requests for NFV-Enabled Networks

TitleDesigning Security-Aware Service Requests for NFV-Enabled Networks
Publication TypeConference Paper
Year of Publication2019
AuthorsJmila, Houda, Blanc, Gregory
Conference Name2019 28th International Conference on Computer Communication and Networks (ICCCN)
Date Publishedjul
ISBN Number978-1-7281-1856-7
KeywordsBandwidth, best practices, cloud computing, cloud-based applications, composability, Hardware, high-volume servers, Human Behavior, human factors, initial SFC requests, load-balancers, Metrics, network function virtualization, network functions, network service request, NFV environment, NFV-enabled networks, privacy, pubcrawl, resilience, Resiliency, resource allocation, resource allocation problem, Resource management, security, security aspects, security of data, security requirements, security-aware service request design, service function chains, software images, specialized hardware appliances, Substrates, supported service, Switches, virtualisation, virtualization, virtualization privacy

Network Function Virtualization (NFV) is a recent concept where virtualization enables the shift from network functions (e.g., routers, switches, load-balancers, proxies) on specialized hardware appliances to software images running on all-purpose, high-volume servers. The resource allocation problem in the NFV environment has received considerable attention in the past years. However, little attention was paid to the security aspects of the problem in spite of the increasing number of vulnerabilities faced by cloud-based applications. Securing the services is an urgent need to completely benefit from the advantages offered by NFV. In this paper, we show how a network service request, composed of a set of service function chains (SFC) should be modified and enriched to take into consideration the security requirements of the supported service. We examine the well-known security best practices and propose a two-step algorithm that extends the initial SFC requests to a more complex chaining model that includes the security requirements of the service.

Citation Keyjmila_designing_2019