Security wrapper orchestration in cloud

Aapo Kalliola, Shankar Lal, Kimmo Ahola, Ian Oliver, Yoan Miche, Tuomas Aura

    Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

    1 Citation (Scopus)

    Abstract

    We present an architecture and implementation of the security wrapper concept for the protection of virtualized network functions in a cloud environment. The security wrapper is the enclosing of a set of virtualized resources within a data plane transparent protective envelope in the network forwarding graph. The extent and capabilities of this envelope are dynamic. We present a prototype implementation of the security wrapper and analyze its behaviour in different operation scenarios. Measurements of the wrapper orchestration delays, resource overhead and data plane traffic impact indicate that the proposed mechanism can be deployed in virtualized networks with little overhead while remaining relatively transparent to the traffic traversing the security wrapper boundary.

    Original languageEnglish
    Title of host publicationProceedings of the 13th International Conference on Availability, Reliability and Security
    PublisherAssociation for Computing Machinery ACM
    Number of pages6
    ISBN (Electronic)978-1-4503-6448-5
    DOIs
    Publication statusPublished - 27 Aug 2018
    MoE publication typeA4 Article in a conference publication
    Event13th International Conference on Availability, Reliability and Security, ARES 2018 - Hamburg, Germany
    Duration: 27 Aug 201830 Aug 2018

    Conference

    Conference13th International Conference on Availability, Reliability and Security, ARES 2018
    Country/TerritoryGermany
    CityHamburg
    Period27/08/1830/08/18

    Cite this