Securing VNF communication in NFVI

Shankar Lal; Aapo Kalliola; Ian Oliver; Kimmo Ahola; Tarik Taleb

doi:10.1109/CSCN.2017.8088620

Securing VNF communication in NFVI

Shankar Lal, Aapo Kalliola, Ian Oliver, Kimmo Ahola, Tarik Taleb

Research output: Chapter in Book/Report/Conference proceeding › Conference article in proceedings › Scientific › peer-review

13 Citations (Scopus)

Abstract

In a modern telco cloud, network functions are performed by groups of single or interconnected virtual machines (VMs), which form virtualized network functions (VNFs). Securing these VNFs is both important and challenging, since the VNFs might be performing some mission critical operations and exchanging sensitive information among each other. The problem lies in the implementation of current cloud infrastructure where security of traffic is not considered at large. The exchanged traffic among VNFs is mostly unencrypted and subject to eavesdropping. In this paper, we present possible approaches along with the implementation setup to solve the problem of securing communication among VNFs. We also discuss performance overhead measurements of our testbed setup along with relevant challenges and directions for future work.

Original language	English
Title of host publication	2017 IEEE Conference on Standards for Communications and Networking, CSCN 2017
Publisher	IEEE Institute of Electrical and Electronic Engineers
Pages	187-192
Number of pages	6
ISBN (Electronic)	978-1-5386-3070-9
DOIs	https://doi.org/10.1109/CSCN.2017.8088620
Publication status	Published - 2017
MoE publication type	A4 Article in a conference publication
Event	2017 IEEE Conference on Standards for Communications and Networking, CSCN 2017 - Helsinki, Finland Duration: 18 Sept 2017 → 20 Sept 2017

Conference

Conference	2017 IEEE Conference on Standards for Communications and Networking, CSCN 2017
Country/Territory	Finland
City	Helsinki
Period	18/09/17 → 20/09/17

Keywords

cloud computing
virtual private networks
servers
bridges
cryptography
tools

Access to Document

10.1109/CSCN.2017.8088620

Cite this

@inproceedings{f1492795ade64d70b29c30ffa548ca80,

title = "Securing VNF communication in NFVI",

abstract = "In a modern telco cloud, network functions are performed by groups of single or interconnected virtual machines (VMs), which form virtualized network functions (VNFs). Securing these VNFs is both important and challenging, since the VNFs might be performing some mission critical operations and exchanging sensitive information among each other. The problem lies in the implementation of current cloud infrastructure where security of traffic is not considered at large. The exchanged traffic among VNFs is mostly unencrypted and subject to eavesdropping. In this paper, we present possible approaches along with the implementation setup to solve the problem of securing communication among VNFs. We also discuss performance overhead measurements of our testbed setup along with relevant challenges and directions for future work.",

keywords = "cloud computing, virtual private networks, servers, bridges, cryptography, tools",

author = "Shankar Lal and Aapo Kalliola and Ian Oliver and Kimmo Ahola and Tarik Taleb",

note = "Funding Information: ACKNOWLEDGMENT This work was funded by Finnish Dimecc Cyber Trust Program and also partially supported by the ANASTACIA project, that has received funding from the European Union{\textquoteright}s Horizon 2020 Research and Innovation Programme under Grant Agreement N 731558 and from the Swiss State Secretariat for Education, Research and Innovation. Publisher Copyright: {\textcopyright} 2017 IEEE. Copyright: Copyright 2018 Elsevier B.V., All rights reserved.; 2017 IEEE Conference on Standards for Communications and Networking, CSCN 2017 ; Conference date: 18-09-2017 Through 20-09-2017",

year = "2017",

doi = "10.1109/CSCN.2017.8088620",

language = "English",

pages = "187--192",

booktitle = "2017 IEEE Conference on Standards for Communications and Networking, CSCN 2017",

publisher = "IEEE Institute of Electrical and Electronic Engineers",

address = "United States",

}

Lal, S, Kalliola, A, Oliver, I, Ahola, K & Taleb, T 2017, Securing VNF communication in NFVI. in 2017 IEEE Conference on Standards for Communications and Networking, CSCN 2017., 8088620, IEEE Institute of Electrical and Electronic Engineers, pp. 187-192, 2017 IEEE Conference on Standards for Communications and Networking, CSCN 2017, Helsinki, Finland, 18/09/17. https://doi.org/10.1109/CSCN.2017.8088620

Securing VNF communication in NFVI. / Lal, Shankar; Kalliola, Aapo; Oliver, Ian et al.
2017 IEEE Conference on Standards for Communications and Networking, CSCN 2017. IEEE Institute of Electrical and Electronic Engineers, 2017. p. 187-192 8088620.

Research output: Chapter in Book/Report/Conference proceeding › Conference article in proceedings › Scientific › peer-review

TY - GEN

T1 - Securing VNF communication in NFVI

AU - Lal, Shankar

AU - Kalliola, Aapo

AU - Oliver, Ian

AU - Ahola, Kimmo

AU - Taleb, Tarik

N1 - Funding Information: ACKNOWLEDGMENT This work was funded by Finnish Dimecc Cyber Trust Program and also partially supported by the ANASTACIA project, that has received funding from the European Union’s Horizon 2020 Research and Innovation Programme under Grant Agreement N 731558 and from the Swiss State Secretariat for Education, Research and Innovation. Publisher Copyright: © 2017 IEEE. Copyright: Copyright 2018 Elsevier B.V., All rights reserved.

PY - 2017

Y1 - 2017

N2 - In a modern telco cloud, network functions are performed by groups of single or interconnected virtual machines (VMs), which form virtualized network functions (VNFs). Securing these VNFs is both important and challenging, since the VNFs might be performing some mission critical operations and exchanging sensitive information among each other. The problem lies in the implementation of current cloud infrastructure where security of traffic is not considered at large. The exchanged traffic among VNFs is mostly unencrypted and subject to eavesdropping. In this paper, we present possible approaches along with the implementation setup to solve the problem of securing communication among VNFs. We also discuss performance overhead measurements of our testbed setup along with relevant challenges and directions for future work.

AB - In a modern telco cloud, network functions are performed by groups of single or interconnected virtual machines (VMs), which form virtualized network functions (VNFs). Securing these VNFs is both important and challenging, since the VNFs might be performing some mission critical operations and exchanging sensitive information among each other. The problem lies in the implementation of current cloud infrastructure where security of traffic is not considered at large. The exchanged traffic among VNFs is mostly unencrypted and subject to eavesdropping. In this paper, we present possible approaches along with the implementation setup to solve the problem of securing communication among VNFs. We also discuss performance overhead measurements of our testbed setup along with relevant challenges and directions for future work.

KW - cloud computing

KW - virtual private networks

KW - servers

KW - bridges

KW - cryptography

KW - tools

UR - http://www.scopus.com/inward/record.url?scp=85040174092&partnerID=8YFLogxK

U2 - 10.1109/CSCN.2017.8088620

DO - 10.1109/CSCN.2017.8088620

M3 - Conference article in proceedings

AN - SCOPUS:85040174092

SP - 187

EP - 192

BT - 2017 IEEE Conference on Standards for Communications and Networking, CSCN 2017

PB - IEEE Institute of Electrical and Electronic Engineers

T2 - 2017 IEEE Conference on Standards for Communications and Networking, CSCN 2017

Y2 - 18 September 2017 through 20 September 2017

ER -

Securing VNF communication in NFVI

Abstract

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this