Abstract
We present an architecture and implementation of the security wrapper concept for the protection of virtualized network functions in a cloud environment. The security wrapper is the enclosing of a set of virtualized resources within a data plane transparent protective envelope in the network forwarding graph. The extent and capabilities of this envelope are dynamic. We present a prototype implementation of the security wrapper and analyze its behaviour in different operation scenarios. Measurements of the wrapper orchestration delays, resource overhead and data plane traffic impact indicate that the proposed mechanism can be deployed in virtualized networks with little overhead while remaining relatively transparent to the traffic traversing the security wrapper boundary.
| Original language | English |
|---|---|
| Title of host publication | Proceedings of the 13th International Conference on Availability, Reliability and Security |
| Publisher | Association for Computing Machinery ACM |
| Number of pages | 6 |
| ISBN (Electronic) | 978-1-4503-6448-5 |
| DOIs | |
| Publication status | Published - 27 Aug 2018 |
| MoE publication type | A4 Article in a conference publication |
| Event | 13th International Conference on Availability, Reliability and Security, ARES 2018 - Hamburg, Germany Duration: 27 Aug 2018 → 30 Aug 2018 |
Conference
| Conference | 13th International Conference on Availability, Reliability and Security, ARES 2018 |
|---|---|
| Country/Territory | Germany |
| City | Hamburg |
| Period | 27/08/18 → 30/08/18 |