Semantic-Aware Security Orchestration in SDN/NFV-Enabled IoT Systems

Sensors, 2020, Vol 20 (13), pp. 3622
Author(s): Alejandro Molina Zarca, Miloud Bagaa, Jorge Bernal Bernabe, Tarik Taleb, Antonio F. Skarmeta

IoT systems can be leveraged by Network Function Virtualization (NFV) and Software-Defined Networking (SDN) technologies, thereby strengthening their overall flexibility, security and resilience. In this sense, adaptive and policy-based security frameworks for SDN/NFV-aware IoT systems can provide a remarkable added value for self-protection and self-healing, by orchestrating and enforcing dynamically security policies and associated Virtual Network Functions (VNF) or Virtual network Security Functions (VSF) according to the actual context. However, this security orchestration is subject to multiple possible inconsistencies between the policies to enforce, the already enforced management policies and the evolving status of the managed IoT system. In this regard, this paper presents a semantic-aware, zero-touch and policy-driven security orchestration framework for autonomic and conflict-less security orchestration in SDN/NFV-aware IoT scenarios while ensuring optimal allocation and Service Function Chaining (SFC) of VSF. The framework relies on Semantic technologies and considers the security policies and the evolving IoT system model to dynamically and formally detect any semantic conflict during the orchestration. In addition, our optimized SFC algorithm maximizes the QoS, security aspects and resources usage during VSF allocation. The orchestration security framework has been implemented and validated showing its feasibility and performance to detect the conflicts and optimally enforce the VSFs.

Sensors, 2021, Vol 21 (4), pp. 1342
Author(s): Borja Nogales, Miguel Silva, Ivan Vidal, Miguel Luís, Francisco Valera, ...

5G communications have become an enabler for the creation of new and more complex networking scenarios, bringing together different vertical ecosystems. Such behavior has been fostered by the network function virtualization (NFV) concept, where the orchestration and virtualization capabilities allow the possibility of dynamically supplying network resources according to its needs. Nevertheless, the integration and performance of heterogeneous network environments, each one supported by a different provider, and with specific characteristics and requirements, in a single NFV framework is not straightforward. In this work we propose an NFV-based framework capable of supporting the flexible, cost-effective deployment of vertical services, through the integration of two distinguished mobile environments and their networks: small sized unmanned aerial vehicles (SUAVs), supporting a flying ad hoc network (FANET) and vehicles, promoting a vehicular ad hoc network (VANET). In this context, a use case involving the public safety vertical will be used as an illustrative example to showcase the potential of this framework. This work also includes the technical implementation details of the framework proposed, allowing to analyse and discuss the delays on the network services deployment process. The results show that the deployment times can be significantly reduced through a distributed VNF configuration function based on the publish–subscribe model.


Author(s): Lalit Pandey

This chapter is focused on the traditional network architecture limitations with NFV benefits. The NFV architecture and framework, as well as management and orchestration, are discussed in this chapter. The Cisco VNF portfolio and virtual network functions implementation are included, with a software implementation of the architecture of NFV (network function virtualization). Management and orchestration functional layers are covered as per the ETSI standard. The challenges in NFV implementation are also a concern today, and they are a part of this chapter.


Author(s): Bharathkumar Ravichandran

In the fifth generation mobile communication architecture (5G), network functions which traditionally existed as discrete hardware entities based on custom architectures, are replaced with dynamic, scalable Virtual Network Functions (VNF) that run on general purpose (x86) cloud computing platforms, under the paradigm Network Function Virtualization (NFV). The shift towards a virtualized infrastructure poses its own set of security challenges that need to be addressed. One such challenge that we seek to address in this paper is providing integrity, authenticity and confidentiality protection for VNFs.


2019
Author(s): José Castillo-Lema, Augusto José Venâncio Neto, Flavio de Oliveira Silva, Sergio Takeo Kofuji

Network Functions Virtualization (NFV) offers an alternative way to design, deploy, and manage networking functions and services by leveraging virtualization technologies to consolidate network functions into general-purpose hardware platforms. In the past years extensive effort has been made to evolve and mature NFV technologies over IP networks. However, little or no attempts at all have been made to incorporate NFV into Information-Centric Networks (ICN). This work explores the use and implementation of Virtual Network Functions (VNFs) in Content-Centric Networks (CCN), and proposes the use of the Named Function Networking (NFN) paradigm as a means to implement network functions and services in this kind of network, distributing the network functions and services through the network nodes and providing flexibility to dynamically place functions in the network as required and without the need of a central controller.


Symmetry, 2019, Vol 11 (9), pp. 1173
Author(s): Basheer Raddwan, Khalil AL-Wagih, Ibrahim A. Al-Baltah, Mohamed A. Alrshah, Mohammed A. Al-Maqri

Recently, Network Function Virtualization (NFV) and Software Defined Networking (SDN) have attracted many mobile operators. For the flexible deployment of Network Functions (NFs) in an NFV environment, NF decompositions and control/user plane separation have been introduced in the literature. That is to map traditional functions into their corresponding Virtual Network Functions (VNFs). This mapping requires the NFV Resource Allocation (NFV-RA) for multi-path service graphs with a high number of virtual nodes and links, which is a complex NP-hard problem that inherited its complexity from the Virtual Network Embedding (VNE). This paper proposes a new path mapping approach to solving the NFV-RA problem for decomposed Network Service Chains (NSCs). The proposed solution has symmetrically considered optimizing an average embedding cost with an enhancement on average execution time. The proposed approach has been compared to two other existing schemes using 6 and 16 scenarios of short and long simulation runs, respectively. The impact of the number of nodes, links and paths of the service requests on the proposed scheme has been studied by solving more than 122,000 service requests. The proposed Integer Linear Programming (ILP) and heuristic schemes have reduced the execution time up to 39.58% and 6.42% compared to existing ILP and heuristic schemes, respectively. Moreover, the proposed schemes have also reduced the average embedding cost and increased the profit for the service providers.


2021, Vol 2021, pp. 1-11
Author(s): Junlei Xuan, Huifang Yang, Xuelin Zhao, Xingpo Ma, Xiaokai Yang

Network function virtualization (NFV) has the potential to lead to significant reductions in capital expenditure and can improve the flexibility of the network. The virtual network function (VNF) deployment problem will be one of the key problems that need to be addressed in NFV. To solve the problem of routing and VNF deployment, an optimization model, which minimizes the maximum index of used frequency slots, the number of used frequency slots, and the number of initialized VNF, is established. In this optimization model, the dependency among the different VNFs is considered. In order to solve the service chain mapping problem of high dynamic virtual network, a new virtual network function service chain mapping algorithm PDQN-VNFSC was proposed by combining prediction algorithm and DQN (Deep Q-Network). Firstly, the real-time mapping of virtual network service chains is modeled into a partial observable Markov decision process. Then, the real-time mapping process of virtual network service chain is optimized by using global and long-term benefits. Finally, the service chain of virtual network function is mapped through the learning decision framework of offline learning and online deployment. The simulation results show that, compared with the existing algorithms, the proposed algorithm has a lower maximum index of used frequency slots, number of used frequency slots, and number of initialized VNF.


Author(s): Guido Marchetto, Riccardo Sisto, Matteo Virgilio, Jaloliddin Yusupov

Network Function Virtualization (NFV) architectures are emerging to increase network flexibility. However, this renewed scenario poses new challenges, because virtualized networks need to be carefully verified before being actually deployed in production environments in order to preserve network coherency (e.g., absence of forwarding loops, preservation of security on network traffic, etc.). Nowadays, model checking tools, SAT solvers, and Theorem Provers are available for formal verification of such properties in virtualized networks. Unfortunately, most of those verification tools accept input descriptions written in specification languages that are difficult to use for people not experienced in formal methods. Also, in order to enable the use of formal verification tools in real scenarios, vendors of Virtual Network Functions (VNFs) should provide abstract mathematical models of their functions, coded in the specific input languages of the verification tools. This process is error-prone, time-consuming, and often outside the VNF developers’ expertise. This paper presents a framework that we designed for automatically extracting verification models starting from a Java-based representation of a given VNF. It comprises a Java library of classes to define VNFs in a more developer-friendly way, and a tool to translate VNF definitions into formal verification models of different verification tools.


2019, Vol 13, pp. 174830261986853
Author(s): Dong Zhang, Xiang Lin, Xiang Chen

Network Function Virtualization addresses the defect of traditional middleboxes and enables operators to implement new services through a process named Service Function Chain mapping. Service Function Chain is composed of a sequence of Virtual Network Functions (VNFs) which is deployed in shared platforms. Service Function Chain with parallel VNFs is proposed to reduce the delivery latency. In this paper, a multiple instances mapping scheme named MIM is proposed to resolve the performance bottleneck introduced by the imbalance of parallel VNFs. An integer programming model is established to describe the multiple instances mapping problem based on queuing theory, and a double layer Genetic Algorithm is used to allocate parallel VNFs with multiple instances. Simulation results show that the multiple instances mapping scheme can improve the performance of Service Function Chain with parallel VNFs effectively.

