Philippe Massonet, S. Dupont, Arnaud Michot, A. Levin, M. Villari
{"title":"一种使用服务功能链保护联邦云网络的体系结构","authors":"Philippe Massonet, S. Dupont, Arnaud Michot, A. Levin, M. Villari","doi":"10.1109/ISCC.2016.7543711","DOIUrl":null,"url":null,"abstract":"Capacity, availability or resilience of clouds can be increased by interconnecting two or more cloud computing environments to form a cloud federation and share resources. Shared resources include compute and storage resources but also networking resources. By integrating software defined networks/ virtual networks (SDN), network function virtualization (NFV) and network function chaining (SFC) technologies into cloud management platforms it is possible to create more advanced and flexible cloud federation mechanisms. In this paper we show how to secure federated cloud networks and how to customise the security of each individual federated cloud network running in a cloud federation. We propose an architecture for securing federated cloud networks by enforcing a global security policy to all network segments of a federation, and local security policies on each network of the federation. Cloud stakeholders can specify the required security virtual network functions (VNF), how to configure them, and how to chain them in a service manifest. The proposed architecture is illustrated with a deep packet inspection case study. Future work on implementing the proposed architecture in an OpenStack federation is briefly discussed.","PeriodicalId":148096,"journal":{"name":"2016 IEEE Symposium on Computers and Communication (ISCC)","volume":"44 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-06-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"An architecture for securing federated cloud networks with Service Function Chaining\",\"authors\":\"Philippe Massonet, S. Dupont, Arnaud Michot, A. Levin, M. Villari\",\"doi\":\"10.1109/ISCC.2016.7543711\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Capacity, availability or resilience of clouds can be increased by interconnecting two or more cloud computing environments to form a cloud federation and share resources. Shared resources include compute and storage resources but also networking resources. By integrating software defined networks/ virtual networks (SDN), network function virtualization (NFV) and network function chaining (SFC) technologies into cloud management platforms it is possible to create more advanced and flexible cloud federation mechanisms. In this paper we show how to secure federated cloud networks and how to customise the security of each individual federated cloud network running in a cloud federation. We propose an architecture for securing federated cloud networks by enforcing a global security policy to all network segments of a federation, and local security policies on each network of the federation. Cloud stakeholders can specify the required security virtual network functions (VNF), how to configure them, and how to chain them in a service manifest. The proposed architecture is illustrated with a deep packet inspection case study. Future work on implementing the proposed architecture in an OpenStack federation is briefly discussed.\",\"PeriodicalId\":148096,\"journal\":{\"name\":\"2016 IEEE Symposium on Computers and Communication (ISCC)\",\"volume\":\"44 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2016-06-27\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2016 IEEE Symposium on Computers and Communication (ISCC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISCC.2016.7543711\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 IEEE Symposium on Computers and Communication (ISCC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISCC.2016.7543711","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
An architecture for securing federated cloud networks with Service Function Chaining
Capacity, availability or resilience of clouds can be increased by interconnecting two or more cloud computing environments to form a cloud federation and share resources. Shared resources include compute and storage resources but also networking resources. By integrating software defined networks/ virtual networks (SDN), network function virtualization (NFV) and network function chaining (SFC) technologies into cloud management platforms it is possible to create more advanced and flexible cloud federation mechanisms. In this paper we show how to secure federated cloud networks and how to customise the security of each individual federated cloud network running in a cloud federation. We propose an architecture for securing federated cloud networks by enforcing a global security policy to all network segments of a federation, and local security policies on each network of the federation. Cloud stakeholders can specify the required security virtual network functions (VNF), how to configure them, and how to chain them in a service manifest. The proposed architecture is illustrated with a deep packet inspection case study. Future work on implementing the proposed architecture in an OpenStack federation is briefly discussed.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
