Security wrapper orchestration in cloud

Aapo Kalliola, Shankar Lal, Kimmo Ahola, Ian Oliver, Yoan Miche, Tuomas Aura

Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

1 Citation (Scopus)

Abstract

We present an architecture and implementation of the security wrapper concept for the protection of virtualized network functions in a cloud environment. The security wrapper is the enclosing of a set of virtualized resources within a data plane transparent protective envelope in the network forwarding graph. The extent and capabilities of this envelope are dynamic. We present a prototype implementation of the security wrapper and analyze its behaviour in different operation scenarios. Measurements of the wrapper orchestration delays, resource overhead and data plane traffic impact indicate that the proposed mechanism can be deployed in virtualized networks with little overhead while remaining relatively transparent to the traffic traversing the security wrapper boundary.

Original languageEnglish
Title of host publicationProceedings of the 13th International Conference on Availability, Reliability and Security
PublisherAssociation for Computing Machinery ACM
Number of pages6
ISBN (Electronic)978-1-4503-6448-5
DOIs
Publication statusPublished - 27 Aug 2018
MoE publication typeA4 Article in a conference publication
Event13th International Conference on Availability, Reliability and Security, ARES 2018 - Hamburg, Germany
Duration: 27 Aug 201830 Aug 2018

Conference

Conference13th International Conference on Availability, Reliability and Security, ARES 2018
CountryGermany
CityHamburg
Period27/08/1830/08/18

Cite this

Kalliola, A., Lal, S., Ahola, K., Oliver, I., Miche, Y., & Aura, T. (2018). Security wrapper orchestration in cloud. In Proceedings of the 13th International Conference on Availability, Reliability and Security Association for Computing Machinery ACM. https://doi.org/10.1145/3230833.3232853