Securing VNF communication in NFVI

Shankar Lal, Aapo Kalliola, Ian Oliver, Kimmo Ahola, Tarik Taleb

    Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

    5 Citations (Scopus)

    Abstract

    In a modern telco cloud, network functions are performed by groups of single or interconnected virtual machines (VMs), which form virtualized network functions (VNFs). Securing these VNFs is both important and challenging, since the VNFs might be performing some mission critical operations and exchanging sensitive information among each other. The problem lies in the implementation of current cloud infrastructure where security of traffic is not considered at large. The exchanged traffic among VNFs is mostly unencrypted and subject to eavesdropping. In this paper, we present possible approaches along with the implementation setup to solve the problem of securing communication among VNFs. We also discuss performance overhead measurements of our testbed setup along with relevant challenges and directions for future work.

    Original languageEnglish
    Title of host publication2017 IEEE Conference on Standards for Communications and Networking, CSCN 2017
    PublisherIEEE Institute of Electrical and Electronic Engineers
    Pages187-192
    Number of pages6
    ISBN (Electronic)978-1-5386-3070-9
    DOIs
    Publication statusPublished - 2017
    MoE publication typeA4 Article in a conference publication
    Event2017 IEEE Conference on Standards for Communications and Networking, CSCN 2017 - Helsinki, Finland
    Duration: 18 Sep 201720 Sep 2017

    Conference

    Conference2017 IEEE Conference on Standards for Communications and Networking, CSCN 2017
    CountryFinland
    CityHelsinki
    Period18/09/1720/09/17

    Fingerprint

    Communication
    Testbeds

    Keywords

    • cloud computing
    • virtual private networks
    • servers
    • bridges
    • cryptography
    • tools

    Cite this

    Lal, S., Kalliola, A., Oliver, I., Ahola, K., & Taleb, T. (2017). Securing VNF communication in NFVI. In 2017 IEEE Conference on Standards for Communications and Networking, CSCN 2017 (pp. 187-192). [8088620] IEEE Institute of Electrical and Electronic Engineers . https://doi.org/10.1109/CSCN.2017.8088620
    Lal, Shankar ; Kalliola, Aapo ; Oliver, Ian ; Ahola, Kimmo ; Taleb, Tarik. / Securing VNF communication in NFVI. 2017 IEEE Conference on Standards for Communications and Networking, CSCN 2017. IEEE Institute of Electrical and Electronic Engineers , 2017. pp. 187-192
    @inproceedings{f1492795ade64d70b29c30ffa548ca80,
    title = "Securing VNF communication in NFVI",
    abstract = "In a modern telco cloud, network functions are performed by groups of single or interconnected virtual machines (VMs), which form virtualized network functions (VNFs). Securing these VNFs is both important and challenging, since the VNFs might be performing some mission critical operations and exchanging sensitive information among each other. The problem lies in the implementation of current cloud infrastructure where security of traffic is not considered at large. The exchanged traffic among VNFs is mostly unencrypted and subject to eavesdropping. In this paper, we present possible approaches along with the implementation setup to solve the problem of securing communication among VNFs. We also discuss performance overhead measurements of our testbed setup along with relevant challenges and directions for future work.",
    keywords = "cloud computing, virtual private networks, servers, bridges, cryptography, tools",
    author = "Shankar Lal and Aapo Kalliola and Ian Oliver and Kimmo Ahola and Tarik Taleb",
    year = "2017",
    doi = "10.1109/CSCN.2017.8088620",
    language = "English",
    pages = "187--192",
    booktitle = "2017 IEEE Conference on Standards for Communications and Networking, CSCN 2017",
    publisher = "IEEE Institute of Electrical and Electronic Engineers",
    address = "United States",

    }

    Lal, S, Kalliola, A, Oliver, I, Ahola, K & Taleb, T 2017, Securing VNF communication in NFVI. in 2017 IEEE Conference on Standards for Communications and Networking, CSCN 2017., 8088620, IEEE Institute of Electrical and Electronic Engineers , pp. 187-192, 2017 IEEE Conference on Standards for Communications and Networking, CSCN 2017, Helsinki, Finland, 18/09/17. https://doi.org/10.1109/CSCN.2017.8088620

    Securing VNF communication in NFVI. / Lal, Shankar; Kalliola, Aapo; Oliver, Ian; Ahola, Kimmo; Taleb, Tarik.

    2017 IEEE Conference on Standards for Communications and Networking, CSCN 2017. IEEE Institute of Electrical and Electronic Engineers , 2017. p. 187-192 8088620.

    Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

    TY - GEN

    T1 - Securing VNF communication in NFVI

    AU - Lal, Shankar

    AU - Kalliola, Aapo

    AU - Oliver, Ian

    AU - Ahola, Kimmo

    AU - Taleb, Tarik

    PY - 2017

    Y1 - 2017

    N2 - In a modern telco cloud, network functions are performed by groups of single or interconnected virtual machines (VMs), which form virtualized network functions (VNFs). Securing these VNFs is both important and challenging, since the VNFs might be performing some mission critical operations and exchanging sensitive information among each other. The problem lies in the implementation of current cloud infrastructure where security of traffic is not considered at large. The exchanged traffic among VNFs is mostly unencrypted and subject to eavesdropping. In this paper, we present possible approaches along with the implementation setup to solve the problem of securing communication among VNFs. We also discuss performance overhead measurements of our testbed setup along with relevant challenges and directions for future work.

    AB - In a modern telco cloud, network functions are performed by groups of single or interconnected virtual machines (VMs), which form virtualized network functions (VNFs). Securing these VNFs is both important and challenging, since the VNFs might be performing some mission critical operations and exchanging sensitive information among each other. The problem lies in the implementation of current cloud infrastructure where security of traffic is not considered at large. The exchanged traffic among VNFs is mostly unencrypted and subject to eavesdropping. In this paper, we present possible approaches along with the implementation setup to solve the problem of securing communication among VNFs. We also discuss performance overhead measurements of our testbed setup along with relevant challenges and directions for future work.

    KW - cloud computing

    KW - virtual private networks

    KW - servers

    KW - bridges

    KW - cryptography

    KW - tools

    UR - http://www.scopus.com/inward/record.url?scp=85040174092&partnerID=8YFLogxK

    U2 - 10.1109/CSCN.2017.8088620

    DO - 10.1109/CSCN.2017.8088620

    M3 - Conference article in proceedings

    AN - SCOPUS:85040174092

    SP - 187

    EP - 192

    BT - 2017 IEEE Conference on Standards for Communications and Networking, CSCN 2017

    PB - IEEE Institute of Electrical and Electronic Engineers

    ER -

    Lal S, Kalliola A, Oliver I, Ahola K, Taleb T. Securing VNF communication in NFVI. In 2017 IEEE Conference on Standards for Communications and Networking, CSCN 2017. IEEE Institute of Electrical and Electronic Engineers . 2017. p. 187-192. 8088620 https://doi.org/10.1109/CSCN.2017.8088620