Towards Novel Security Architectures for Network Functions Virtualization

The definition of elastic network services that can be orchestrated at run-time brings unprecedented agility and dynamicity in network operation, but also complicates security management. As a matter of fact, cyber-security appliances are still largely stuck to traditional paradigms, based on relatively static topologies and the security perimeter model. The uptake of service-oriented architectures and microservices is now suggesting to compose security services by orchestrating monitoring, inspection, and enforcement capabilities, which are natively implemented in each elementary component (virtual functions, software-defined network equipment). In this paper, we describe and evaluate a novel framework for monitoring, inspection and enforcement that provides a broad and heterogeneous security context for centralized analytics, correlation and detection. Our work represents the preliminary step towards the creation of true Security-as-a-Service (SecaaS) paradigms in virtualized environments, through programmatic composition of common capabilities available in each virtual function.

Risorse UNIGE
Titolo: Towards Novel Security Architectures for Network Functions Virtualization
Autori: 
CARREGA, ALESSANDRO
mostra contributor esterni 
Data di pubblicazione: 2019
Handle: http://hdl.handle.net/11567/1076786
ISBN: 978-1-7281-4545-7
Appare nelle tipologie:04.01 - Contributo in atti di convegno

File in questo prodotto:
Non ci sono file associati a questo prodotto.
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
 
 
 
Powered by IRIS-about IRIS-Utilizzo dei cookie-Privacy
Logo CINECA  Copyright © 2022