• Aiuto
  • Sfoglia

    • This paper introduces an approach towards automatic enforcement of security policies in \nfv networks and dynamic adaptation to network changes. The approach relies on a refinement model that allows the dynamic transformation of high-level security requirements into configuration settings for the Network Security Functions (NSFs), and optimization models that allow the optimal selection of the NSFs to use. These models are built on a formalization of the NSF capabilities, which serves to unequivocally describe what NSFs are able to do for security policy enforcement purposes. The approach proposed is the first step towards a security policy aware NFV management, orchestration, and resource allocation system - a paradigm shift for the management of virtualized networks - and it requires minor changes to the current NFV architecture. We prove that our approach is feasible, as it has been implemented by extending the OpenMANO framework and validated on several network scenarios. Furthermore, we prove with performance tests that policy refinement scales well enough to support current and future virtualized networks.

    SFX


    Titolo: Adding Support for Automatic Enforcement of Security Policies in NFV Networks
    Autori: 
    BASILE, CATALDO
    VALENZA, FULVIO
    LIOY, ANTONIO
    mostra contributor esterni 
    Data di pubblicazione: Being printed
    Rivista: 
    IEEE-ACM TRANSACTIONS ON NETWORKING  
    Digital Object Identifier (DOI): 10.1109/TNET.2019.2895278
    Appare nelle tipologie:1.1 Articolo in rivista

    File in questo prodotto:
    File Descrizione Tipologia Licenza  
    IEEE_ACM_10.1109_TNET.2019.2895278_preprint.pdf Pre-print (authors' version)2. Post-printPUBBLICO - Tutti i diritti riservatiVisibile a tuttiVisualizza/Apri

    I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
     
     
     
    Powered by IRIS-about IRIS-Utilizzo dei cookie
    Logo CINECA  Copyright © 2019