Network operators face several limitations in terms of infrastructure management and costs when trying to offer security services to a large number of customers with current technologies. Network Functions Virtualization and Software-Defined Networks paradigms try to overcome these limitations by allowing more flexibility, configurability and agility. Unfortunately, the problem of deciding which security services to use, where to place and how to configure them is a multidimensional problem that has no easy solution. This paper provides a model that can be used to determine the best allocation for the security applications needed to satisfy the user requirements while minimizing the cost for the network operator, subject to the different constraints expressed by the involved actors. This model can be exploited to pursue an initial dimensioning and set-up of the system infrastructure or to dynamically adapt it to support the user security policies. Initial validation shows that allocations generated with our model have considerable advantages in terms of costs and performance compared to traditional approaches.
Towards the Dynamic Provision of Virtualized Security Services / Basile, Cataldo; Pitscheider, Christian; Risso, FULVIO GIOVANNI OTTAVIO; Valenza, Fulvio; Vallini, Marco - In: Cyber Security and Privacy / Cleary F., Felici M.. - STAMPA. - [s.l] : Springer International Publishing, 2015. - ISBN 978-3-319-25359-6. - pp. 65-76 [10.1007/978-3-319-25360-2_6]
Towards the Dynamic Provision of Virtualized Security Services
BASILE, CATALDO;PITSCHEIDER, CHRISTIAN;RISSO, FULVIO GIOVANNI OTTAVIO;VALENZA, FULVIO;VALLINI, MARCO
2015
Abstract
Network operators face several limitations in terms of infrastructure management and costs when trying to offer security services to a large number of customers with current technologies. Network Functions Virtualization and Software-Defined Networks paradigms try to overcome these limitations by allowing more flexibility, configurability and agility. Unfortunately, the problem of deciding which security services to use, where to place and how to configure them is a multidimensional problem that has no easy solution. This paper provides a model that can be used to determine the best allocation for the security applications needed to satisfy the user requirements while minimizing the cost for the network operator, subject to the different constraints expressed by the involved actors. This model can be exploited to pursue an initial dimensioning and set-up of the system infrastructure or to dynamically adapt it to support the user security policies. Initial validation shows that allocations generated with our model have considerable advantages in terms of costs and performance compared to traditional approaches.File | Dimensione | Formato | |
---|---|---|---|
2015CSP_author.pdf
accesso aperto
Tipologia:
2. Post-print / Author's Accepted Manuscript
Licenza:
PUBBLICO - Tutti i diritti riservati
Dimensione
816.75 kB
Formato
Adobe PDF
|
816.75 kB | Adobe PDF | Visualizza/Apri |
2015CSP.pdf
non disponibili
Tipologia:
2a Post-print versione editoriale / Version of Record
Licenza:
Non Pubblico - Accesso privato/ristretto
Dimensione
935.9 kB
Formato
Adobe PDF
|
935.9 kB | Adobe PDF | Visualizza/Apri Richiedi una copia |
Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
https://hdl.handle.net/11583/2621480