Decentralized Certificate Management for Network Function Virtualisation (NFV) Implementation in Telecommunication Networks

The certificate management complexity and cost increase when PKI technology is leveraged into Network Function Virtualisation (NFV), a significant enabling technology for 5G networks. The expected security of PKI cannot be met due to the unavailability of the certificate revocation inquiry in the telecommunication operator’s core network. This paper analyses the issues and challenges during the NFV implementation and proposes a blockchain-based decentralized NFV certificate management mechanism. During instantiation, the Virtual Network Functions (VNF) instance generates certificates according to the certificate profile provided in the VNF package. The certificate management unit is responsible for the certificate enrolment, renewal, and revocation. The certificates submitted to the decentralized certificate management system by the instance will be recorded into the ledger after validation and consensus. The experiment and analysis show the transaction throughput, and the transaction delay is noncritical in practice, which could be fulfilled by the proposed mechanism. The certificate inquiry performance is critical, which can be facilitated by the decentralized deployment of inquiry nodes.

Download Full-text

CoNTe: A Core Network Temporal Blockchain for 5G

Sensors ◽

10.3390/s20185281 ◽

2020 ◽

Vol 20 (18) ◽

pp. 5281

Author(s):

Steven Platt ◽

Luis Sanabria-Russo ◽

Miquel Oliver

Keyword(s):

Paradigm Shift ◽

Virtual Network ◽

Core Network ◽

Network Function ◽

Distributed Ledger ◽

Distributed Ledger Technology ◽

Network Operations ◽

Network Functions ◽

Network Functionality ◽

Virtual Network Function

Virtual Network Functions allow the effective separation between hardware and network functionality, a strong paradigm shift from previously tightly integrated monolithic, vendor, and technology dependent deployments. In this virtualized paradigm, all aspects of network operations can be made to deploy on demand, dynamically scale, as well as be shared and interworked in ways that mirror behaviors of general cloud computing. To date, although seeing rising demand, distributed ledger technology remains largely incompatible in such elastic deployments, by its nature as functioning as an immutable record store. This work focuses on the structural incompatibility of current blockchain designs and proposes a novel, temporal blockchain design built atop federated byzantine agreement, which has the ability to dynamically scale and be packaged as a Virtual Network Function (VNF) for the 5G Core.

Download Full-text

A Framework for Performance Evaluation of Network Function Virtualisation in 5G Networks

2020 XLVI Latin American Computing Conference (CLEI) ◽

10.1109/clei52000.2020.00043 ◽

2020 ◽

Author(s):

Cristoffer Leite ◽

Priscila Solis Barreto ◽

Marcos F. Caetano ◽

Rafael Amaral

Keyword(s):

Performance Evaluation ◽

5G Networks ◽

Network Function ◽

Network Function Virtualisation

Download Full-text

NFV Practical Implementation

Advances in Systems Analysis, Software Engineering, and High Performance Computing - Innovations in Software-Defined Networking and Network Functions Virtualization ◽

10.4018/978-1-5225-3640-6.ch008 ◽

2018 ◽

pp. 175-194

Author(s):

Lalit Pandey

Keyword(s):

Network Architecture ◽

Software Implementation ◽

Virtual Network ◽

Network Function Virtualization ◽

Practical Implementation ◽

Network Function ◽

Network Functions

This chapter is focused on the traditional network architecture limitations with NFV benefits. Discussion of NFV architecture and framework as well as management and orchestration has been discussed in this chapter. Cisco VNF portfolio and virtual network functions implementation is included with software implementation of the architecture of NFV (network function virtualization). Management and orchestration functional layers as per ETSI standard. The challenges in NFV implementation is also a concern today, which is a part of this chapter.

Download Full-text

Securing Virtual Network Function (VNF) in Telco Cloud

Journal of ICT Standardization ◽

10.13052/jicts2245-800x.834 ◽

2020 ◽

Author(s):

Bharathkumar Ravichandran

Keyword(s):

General Purpose ◽

Virtual Network ◽

Network Function Virtualization ◽

Communication Architecture ◽

Network Function ◽

Fifth Generation ◽

Security Challenges ◽

5G Network ◽

Network Functions ◽

Computing Platforms

In the fifth generation mobile communication architecture (5G), network functions which traditionally existed as discrete hardware entities based on custom architectures, are replaced with dynamic, scalable Virtual Network Functions (VNF) that run on general purpose (x86) cloud computing platforms, under the paradigm Network Function Virtualization (NFV). The shift towards a virtualized infrastructure poses its own set of security challenges that need to be addressed. One such challenge that we seek to address in this paper is providing integrity, authenticity and confidentiality protection for VNFs.

Download Full-text

Network Function Virtualization in Content-Centric Networks

10.5753/wpeif.2019.7696 ◽

2019 ◽

Author(s):

José Castillo-Lema ◽

Augusto José Venâncio Neto ◽

Flavio de Oliveira Silva ◽

Sergio Takeo Kofuji

Keyword(s):

Ip Networks ◽

General Purpose ◽

Virtual Network ◽

Network Function Virtualization ◽

Network Function ◽

The Past ◽

Central Controller ◽

Network Functions ◽

Extensive Effort ◽

Hardware Platforms

Network Functions Virtualization (NFV) offers an alternative way to design, deploy, and manage networking functions and services by leveraging virtualization technologies to consolidate network functions into general-purpose hardware platforms. On the past years extensive effort has been made to evolve and mature NFV tecnologies over IP networks. However, little or no attempts at all have been made to incorporate NFV into Information-Centric Networks (ICN). This work explores the use and implementation of virtual Network Funtions (VNFS)in Content-Centric Networks (CCN), and proposes the use of the Named Function Networking (NFN) paradigm as means to implement network functions and services in this kind of networks, distributing the network functions and services through the networks nodes and providing flexibility to dynamically place functions in the network as required and without the need of a central controller.

Download Full-text

Path Mapping Approach for Network Function Virtualization Resource Allocation with Network Function Decomposition Support

Symmetry ◽

10.3390/sym11091173 ◽

2019 ◽

Vol 11 (9) ◽

pp. 1173 ◽

Cited By ~ 1

Author(s):

Basheer Raddwan ◽

Khalil AL-Wagih ◽

Ibrahim A. Al-Baltah ◽

Mohamed A. Alrshah ◽

Mohammed A. Al-Maqri

Keyword(s):

Resource Allocation ◽

Execution Time ◽

Service Providers ◽

Virtual Network ◽

Network Function Virtualization ◽

Network Function ◽

Function Decomposition ◽

Mapping Approach ◽

Network Functions ◽

The Impact

Recently, Network Function Virtualization (NFV) and Software Defined Networking (SDN) have attracted many mobile operators. For the flexible deployment of Network Functions (NFs) in an NFV environment, NF decompositions and control/user plane separation have been introduced in the literature. That is to map traditional functions into their corresponding Virtual Network Functions (VNFs). This mapping requires the NFV Resource Allocation (NFV-RA) for multi-path service graphs with a high number of virtual nodes and links, which is a complex NP-hard problem that inherited its complexity from the Virtual Network Embedding (VNE). This paper proposes a new path mapping approach to solving the NFV-RA problem for decomposed Network Service Chains (NSCs). The proposed solution has symmetrically considered optimizing an average embedding cost with an enhancement on average execution time. The proposed approach has been compared to two other existing schemes using 6 and 16 scenarios of short and long simulation runs, respectively. The impact of the number of nodes, links and paths of the service requests on the proposed scheme has been studied by solving more than 122,000 service requests. The proposed Integer Linear Programming (ILP) and heuristic schemes have reduced the execution time up to 39.58% and 6.42% compared to existing ILP and heuristic schemes, respectively. Moreover, the proposed schemes have also reduced the average embedding cost and increased the profit for the service providers.

Download Full-text

A Recommendation Approach using Forwarding Graph to Analyze Mapping Algorithms for Virtual Network Functions

Recent Patents on Computer Science ◽

10.2174/2213275912666190618114014 ◽

2019 ◽

Vol 12 ◽

Author(s):

Lyes Bouali ◽

Selma Khebbache ◽

Samia Bouzefrane ◽

Mehammed Daoui

Keyword(s):

Virtual Network ◽

Search Procedure ◽

Adaptive Search ◽

Mapping Algorithms ◽

Network Function ◽

Np Hard Problem ◽

Substrate Network ◽

Network Functions ◽

Cost Efficient ◽

Virtual Network Function

: The advent of Network Functions Virtualization (NFV) has revolutionized numerous network based applications due to its score of benefits such as flexibility, agility, scalability and Multi-tenancy. In this paper, we focus on the mapping of Virtual Network Function Forwarding Graphs (VNF-FGs) on a Substrate Network. To cope with this NP-Hard problem, we designed an algorithm based on Greedy Randomized Adaptive Search Procedure (GRASP), a cost-efficient meta-heuristic algorithm, in which the main objective is to minimize the mapping cost. Another method named MARA (Most Available Resource Algorithm) was devised with the objective of reducing the Substrate Network’s resources use at the bottleneck clusters. Performance analysis based on simulations are given to show the behavior and efficiency of our approaches.

Download Full-text

Research on Optimized Deployment of Virtual Network Functions in Network Function Virtualization Environment

Journal of Physics Conference Series ◽

10.1088/1742-6596/1748/3/032020 ◽

2021 ◽

Vol 1748 ◽

pp. 032020

Author(s):

Mingyue Liu ◽

Feng Liu

Keyword(s):

Virtual Network ◽

Network Function Virtualization ◽

Network Function ◽

Network Functions

Download Full-text

A VNF modeling approach for verification purposes

International Journal of Electrical and Computer Engineering (IJECE) ◽

10.11591/ijece.v9i4.pp2627-2636 ◽

2019 ◽

Vol 9 (4) ◽

pp. 2627

Author(s):

Guido Marchetto ◽

Riccardo Sisto ◽

Matteo Virgilio ◽

Jaloliddin Yusupov

Keyword(s):

Formal Verification ◽

Virtual Network ◽

Network Function Virtualization ◽

Network Function ◽

Specific Input ◽

Production Environments ◽

Verification Tools ◽

Network Functions ◽

New Challenges ◽

Java Library

<span lang="EN-US">Network Function Virtualization (NFV) architectures are emerging to increase networks flexibility. However, this renewed scenario poses new challenges, because virtualized networks, need to be carefully verified before being actually deployed in production environments in order to preserve network coherency (e.g., absence of forwarding loops, preservation of security on network traffic, etc.). Nowadays, model checking tools, SAT solvers, and Theorem Provers are available for formal verification of such properties in virtualized networks. Unfortunately, most of those verification tools accept input descriptions written in specification languages that are difficult to use for people not experienced in formal methods. Also, in order to enable the use of formal verification tools in real scenarios, vendors of Virtual Network Functions (VNFs) should provide abstract mathematical models of their functions, coded in the specific input languages of the verification tools. This process is error-prone, time-consuming, and often outside the VNF developers’ expertise. This paper presents a framework that we designed for automatically extracting verification models starting from a Java-based representation of a given VNF. It comprises a Java library of classes to define VNFs in a more developer-friendly way, and a tool to translate VNF definitions into formal verification models of different verification tools.</span>

Download Full-text

Multiple instances mapping of Service Function Chain with parallel Virtual Network Functions

Journal of Algorithms & Computational Technology ◽

10.1177/1748302619868537 ◽

2019 ◽

Vol 13 ◽

pp. 174830261986853 ◽

Cited By ~ 1

Author(s):

Dong Zhang ◽

Xiang Lin ◽

Xiang Chen

Keyword(s):

Queuing Theory ◽

Virtual Network ◽

Network Function Virtualization ◽

Service Function ◽

Network Function ◽

Integer Programing ◽

Service Function Chain ◽

Network Functions ◽

Simulation Results ◽

Mapping Scheme

Network Function Virtualization addresses the defect of traditional middleboxes and enables operators to implement new services through a process named Service Function Chain mapping. Service Function Chain is composed by a sequence of Virtual Network Functions (VNFs) which is deployed in shared platforms. Service Function Chain with parallel VNFs is proposed to reduce the delivery latency. In this paper, a multiple instances mapping scheme named MIM is proposed to resolve the performance bottleneck introduced by the imbalance of parallel VNFs. A integer programing model is established to describe the multiple instances mapping problem based on queuing theory, and a double layer Genetic Algorithm is used to allocate parallel VNFs with multiple instances. Simulation results show that the multiple instances mapping scheme can improve the performance of Service Function Chain with parallel VNFs effectively.

Download Full-text