In network security, Network Function Virtualization can be exploited to implement flexible security services tailored to specific user needs. However, in practice this is hard to achieve due to the limitations of reference software platforms, such as Kubernetes, which are designed to orchestrate cloud-native services. In this work, we complement Kubernetes with a state-of-the-art algorithm for application-aware provisioning of security services. We demonstrate that the proposed solution improves basic provisioning mechanisms, such as the default Kubernetes scheduler, in terms of Quality of Service and security guarantees for the users.

Towards Application-Aware Provisioning of Security Services with Kubernetes

Magnani, Simone;
2022-01-01

Abstract

In network security, Network Function Virtualization can be exploited to implement flexible security services tailored to specific user needs. However, in practice this is hard to achieve due to the limitations of reference software platforms, such as Kubernetes, which are designed to orchestrate cloud-native services. In this work, we complement Kubernetes with a state-of-the-art algorithm for application-aware provisioning of security services. We demonstrate that the proposed solution improves basic provisioning mechanisms, such as the default Kubernetes scheduler, in terms of Quality of Service and security guarantees for the users.
File in questo prodotto:
File Dimensione Formato  
Towards_Application-Aware_Provisioning_of_Security_Services_with_Kubernetes.pdf

accesso chiuso

Tipologia: Documento in versione editoriale
Dimensione 375.23 kB
Formato Adobe PDF
375.23 kB Adobe PDF   Visualizza/Apri   Richiedi una copia

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11567/1177916
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 0
  • ???jsp.display-item.citation.isi??? 0
social impact