Virtualized security at the network edge : a user-centric approach

Diego Montero, Marcelo Yannuzzi, Adrian Shaw, Ludovic Jacquin, Antonio Pastor, René Serral-Gracià, Antonio Lioy, Fulvio Risso, Cataldo Basile, Roberto Sassu, Mario Nemirovsky, Francesco Ciaccia, Michael Georgiades, Savvas Charalambides, Jarkko Kuusijärvi, Francesca Bosco

    Research output: Contribution to journalArticleScientificpeer-review

    39 Citations (Scopus)


    The current device-centric protection model against security threats has serious limitations. On one hand, the proliferation of user terminals such as smartphones, tablets, notebooks, smart TVs, game consoles, and desktop computers makes it extremely difficult to achieve the same level of protection regardless of the device used. On the other hand, when various users share devices (e.g., parents and kids using the same devices at home), the setup of distinct security profiles, policies, and protection rules for the different users of a terminal is far from trivial. In light of this, this article advocates for a paradigm shift in user protection. In our model, protection is decoupled from users' terminals, and it is provided by the access network through a trusted virtual domain. Each trusted virtual domain provides unified and homogeneous security for a single user irrespective of the terminal employed. We describe a user-centric model where nontechnically savvy users can define their own profiles and protection rules in an intuitive way. We show that our model can harness the virtualization power offered by next-generation access networks, especially from network functions virtualization in the points of presence at the edge of telecom operators. We also analyze the distinctive features of our model, and the challenges faced based on the experience gained in the development of a proof of concept.
    Original languageEnglish
    Pages (from-to)176-186
    JournalIEEE Communications Magazine
    Issue number4
    Publication statusPublished - 2015
    MoE publication typeA1 Journal article-refereed


    • analytical models
    • network security
    • ontologies
    • security
    • uniform resource locators
    • virtualization


    Dive into the research topics of 'Virtualized security at the network edge : a user-centric approach'. Together they form a unique fingerprint.

    Cite this