Provably efficient security-aware service function tree composing and embedding in multi-vendor networks

IF 4.4 2区 计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE Computer Networks Pub Date : 2024-10-09 DOI:10.1016/j.comnet.2024.110843
Danyang Zheng , Huanlai Xing , Li Feng , Xiaojun Cao
{"title":"Provably efficient security-aware service function tree composing and embedding in multi-vendor networks","authors":"Danyang Zheng ,&nbsp;Huanlai Xing ,&nbsp;Li Feng ,&nbsp;Xiaojun Cao","doi":"10.1016/j.comnet.2024.110843","DOIUrl":null,"url":null,"abstract":"<div><div>Multicast greatly benefits many emerging applications such as federated learning, metaverse, and data warehouse. Recently, due to frequent cyber-attacks, multicast services have tended to request rigorous security agreements, which likely differ among the destinations. To meet such agreements, one can employ security-aware service functions (SFs) to construct the security-aware SF tree (S-SFT) for multicast services. A security-aware SF can be provided by various vendors with diverse configurations and implementation costs. The multi-configured SFs and the various security agreements will add significant complexity to the deployment process of the security-aware multicast request. In this work, for the first time, we study how to effectively compose and embed an S-SFT over the network with multiple vendors. We formulate the problem of security-aware SFT composing and embedding. We develop a new technique called cost-security-centrality (CSC) based on the pigeonhole’ s principle and propose a heuristic algorithm called CSC-based S-SFT deployment (CSC-SD). Via thorough mathematical proofs, we show that CSC-SD is logarithm approximate. Extensive simulations show that CSC-SD significantly outperforms the benchmarks and reveal that more function sharing facilitates saving implementation cost, but more routing sharing does not indicate saving routing cost.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":null,"pages":null},"PeriodicalIF":4.4000,"publicationDate":"2024-10-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Networks","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1389128624006753","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}
引用次数: 0

Abstract

Multicast greatly benefits many emerging applications such as federated learning, metaverse, and data warehouse. Recently, due to frequent cyber-attacks, multicast services have tended to request rigorous security agreements, which likely differ among the destinations. To meet such agreements, one can employ security-aware service functions (SFs) to construct the security-aware SF tree (S-SFT) for multicast services. A security-aware SF can be provided by various vendors with diverse configurations and implementation costs. The multi-configured SFs and the various security agreements will add significant complexity to the deployment process of the security-aware multicast request. In this work, for the first time, we study how to effectively compose and embed an S-SFT over the network with multiple vendors. We formulate the problem of security-aware SFT composing and embedding. We develop a new technique called cost-security-centrality (CSC) based on the pigeonhole’ s principle and propose a heuristic algorithm called CSC-based S-SFT deployment (CSC-SD). Via thorough mathematical proofs, we show that CSC-SD is logarithm approximate. Extensive simulations show that CSC-SD significantly outperforms the benchmarks and reveal that more function sharing facilitates saving implementation cost, but more routing sharing does not indicate saving routing cost.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
多供应商网络中可证明的高效安全感知服务功能树合成与嵌入
组播对联合学习、元宇宙和数据仓库等许多新兴应用大有裨益。最近,由于网络攻击频发,组播服务倾向于要求严格的安全协议,而不同的目的地可能会有不同的安全协议。为了满足这些协议,人们可以采用安全感知服务函数(SF)来构建组播服务的安全感知 SF 树(S-SFT)。不同供应商可提供不同配置和实施成本的安全感知 SF。多种配置的 SF 和各种安全协议将大大增加安全感知组播请求部署过程的复杂性。在这项工作中,我们首次研究了如何在多个供应商的网络上有效地组成和嵌入 S-SFT。我们提出了安全感知 SFT 的合成和嵌入问题。我们基于鸽笼原理开发了一种名为成本-安全-中心性(CSC)的新技术,并提出了一种名为基于 CSC 的 S-SFT 部署(CSC-SD)的启发式算法。通过详尽的数学证明,我们证明 CSC-SD 是对数近似值。广泛的仿真表明,CSC-SD 的性能明显优于基准,并揭示了更多的功能共享有利于节省实施成本,但更多的路由共享并不表明可以节省路由成本。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
Computer Networks
Computer Networks 工程技术-电信学
CiteScore
10.80
自引率
3.60%
发文量
434
审稿时长
8.6 months
期刊介绍: Computer Networks is an international, archival journal providing a publication vehicle for complete coverage of all topics of interest to those involved in the computer communications networking area. The audience includes researchers, managers and operators of networks as well as designers and implementors. The Editorial Board will consider any material for publication that is of interest to those groups.
期刊最新文献
GWPF: Communication-efficient federated learning with Gradient-Wise Parameter Freezing Slice admission control in 5G wireless communication with multi-dimensional state space and distributed action space: A sequential twin actor-critic approach Quantitative analysis of segmented satellite network architectures: A maritime surveillance case study Machine learning-driven integration of terrestrial and non-terrestrial networks for enhanced 6G connectivity Evaluating integration methods of a quantum random number generator in OpenSSL for TLS
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1