Security wrapper orchestration in cloud

Aapo Kalliola, Shankar Lal, Kimmo Ahola, Ian Oliver, Yoan Miche, Tuomas Aura

Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

1 Citation (Scopus)

Abstract

We present an architecture and implementation of the security wrapper concept for the protection of virtualized network functions in a cloud environment. The security wrapper is the enclosing of a set of virtualized resources within a data plane transparent protective envelope in the network forwarding graph. The extent and capabilities of this envelope are dynamic. We present a prototype implementation of the security wrapper and analyze its behaviour in different operation scenarios. Measurements of the wrapper orchestration delays, resource overhead and data plane traffic impact indicate that the proposed mechanism can be deployed in virtualized networks with little overhead while remaining relatively transparent to the traffic traversing the security wrapper boundary.

Original languageEnglish
Title of host publicationProceedings of the 13th International Conference on Availability, Reliability and Security
PublisherAssociation for Computing Machinery ACM
Number of pages6
ISBN (Electronic)978-1-4503-6448-5
DOIs
Publication statusPublished - 27 Aug 2018
MoE publication typeA4 Article in a conference publication
Event13th International Conference on Availability, Reliability and Security, ARES 2018 - Hamburg, Germany
Duration: 27 Aug 201830 Aug 2018

Conference

Conference13th International Conference on Availability, Reliability and Security, ARES 2018
CountryGermany
CityHamburg
Period27/08/1830/08/18

Cite this

Kalliola, A., Lal, S., Ahola, K., Oliver, I., Miche, Y., & Aura, T. (2018). Security wrapper orchestration in cloud. In Proceedings of the 13th International Conference on Availability, Reliability and Security Association for Computing Machinery ACM. https://doi.org/10.1145/3230833.3232853
Kalliola, Aapo ; Lal, Shankar ; Ahola, Kimmo ; Oliver, Ian ; Miche, Yoan ; Aura, Tuomas. / Security wrapper orchestration in cloud. Proceedings of the 13th International Conference on Availability, Reliability and Security. Association for Computing Machinery ACM, 2018.
@inproceedings{6d18e698e26a4fd4a6cf0890ce2e1952,
title = "Security wrapper orchestration in cloud",
abstract = "We present an architecture and implementation of the security wrapper concept for the protection of virtualized network functions in a cloud environment. The security wrapper is the enclosing of a set of virtualized resources within a data plane transparent protective envelope in the network forwarding graph. The extent and capabilities of this envelope are dynamic. We present a prototype implementation of the security wrapper and analyze its behaviour in different operation scenarios. Measurements of the wrapper orchestration delays, resource overhead and data plane traffic impact indicate that the proposed mechanism can be deployed in virtualized networks with little overhead while remaining relatively transparent to the traffic traversing the security wrapper boundary.",
author = "Aapo Kalliola and Shankar Lal and Kimmo Ahola and Ian Oliver and Yoan Miche and Tuomas Aura",
year = "2018",
month = "8",
day = "27",
doi = "10.1145/3230833.3232853",
language = "English",
booktitle = "Proceedings of the 13th International Conference on Availability, Reliability and Security",
publisher = "Association for Computing Machinery ACM",
address = "United States",

}

Kalliola, A, Lal, S, Ahola, K, Oliver, I, Miche, Y & Aura, T 2018, Security wrapper orchestration in cloud. in Proceedings of the 13th International Conference on Availability, Reliability and Security. Association for Computing Machinery ACM, 13th International Conference on Availability, Reliability and Security, ARES 2018, Hamburg, Germany, 27/08/18. https://doi.org/10.1145/3230833.3232853

Security wrapper orchestration in cloud. / Kalliola, Aapo; Lal, Shankar; Ahola, Kimmo; Oliver, Ian; Miche, Yoan; Aura, Tuomas.

Proceedings of the 13th International Conference on Availability, Reliability and Security. Association for Computing Machinery ACM, 2018.

Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

TY - GEN

T1 - Security wrapper orchestration in cloud

AU - Kalliola, Aapo

AU - Lal, Shankar

AU - Ahola, Kimmo

AU - Oliver, Ian

AU - Miche, Yoan

AU - Aura, Tuomas

PY - 2018/8/27

Y1 - 2018/8/27

N2 - We present an architecture and implementation of the security wrapper concept for the protection of virtualized network functions in a cloud environment. The security wrapper is the enclosing of a set of virtualized resources within a data plane transparent protective envelope in the network forwarding graph. The extent and capabilities of this envelope are dynamic. We present a prototype implementation of the security wrapper and analyze its behaviour in different operation scenarios. Measurements of the wrapper orchestration delays, resource overhead and data plane traffic impact indicate that the proposed mechanism can be deployed in virtualized networks with little overhead while remaining relatively transparent to the traffic traversing the security wrapper boundary.

AB - We present an architecture and implementation of the security wrapper concept for the protection of virtualized network functions in a cloud environment. The security wrapper is the enclosing of a set of virtualized resources within a data plane transparent protective envelope in the network forwarding graph. The extent and capabilities of this envelope are dynamic. We present a prototype implementation of the security wrapper and analyze its behaviour in different operation scenarios. Measurements of the wrapper orchestration delays, resource overhead and data plane traffic impact indicate that the proposed mechanism can be deployed in virtualized networks with little overhead while remaining relatively transparent to the traffic traversing the security wrapper boundary.

UR - http://www.scopus.com/inward/record.url?scp=85055270853&partnerID=8YFLogxK

U2 - 10.1145/3230833.3232853

DO - 10.1145/3230833.3232853

M3 - Conference article in proceedings

AN - SCOPUS:85055270853

BT - Proceedings of the 13th International Conference on Availability, Reliability and Security

PB - Association for Computing Machinery ACM

ER -

Kalliola A, Lal S, Ahola K, Oliver I, Miche Y, Aura T. Security wrapper orchestration in cloud. In Proceedings of the 13th International Conference on Availability, Reliability and Security. Association for Computing Machinery ACM. 2018 https://doi.org/10.1145/3230833.3232853