An Energy-driven Network Function Virtualization for Multi-domain Software Defined Networks

Network Functions Virtualization (NFV) in Software Defined Networks (SDN) emerged as a new technology for creating virtual instances for smooth execution of multiple applications. Their amalgamation provides flexible and programmable platforms to utilize the network resources for providing Quality of Service (QoS) to various applications. In SDN-enabled NFV setups, the underlying network services can be viewed as a series of virtual network functions (VNFs) and their optimal deployment on physical/virtual nodes is considered a challenging task to perform. However, SDNs have evolved from single-domain to multi-domain setups in the recent era. Thus, the complexity of the underlying VNF deployment problem in multi-domain setups has increased manifold. Moreover, the energy utilization aspect is relatively unexplored with respect to an optimal mapping of VNFs across multiple SDN domains. Hence, in this work, the VNF deployment problem in multi-domain SDN setup has been addressed with a primary emphasis on reducing the overall energy consumption for deploying the maximum number of VNFs with guaranteed QoS. The problem in hand is initially formulated as a "Multi-objective Optimization Problem" based on Integer Linear Programming (ILP) to obtain an optimal solution. However, the formulated ILP becomes complex to solve with an increasing number of decision variables and constraints with an increase in the size of the network. Thus, we leverage the benefits of the popular evolutionary optimization algorithms to solve the problem under consideration. In order to deduce the most appropriate evolutionary optimization algorithm to solve the considered problem, it is subjected to different variants of evolutionary algorithms on the widely used MOEA framework (an open source java framework based on multi-objective evolutionary algorithms).Comment: Accepted for publication in IEEE INFOCOM 2019 Workshop on Intelligent Cloud Computing and Networking (ICCN 2019

Joint Energy Efficient and QoS-aware Path Allocation and VNF Placement for Service Function Chaining

Service Function Chaining (SFC) allows the forwarding of a traffic flow along a chain of Virtual Network Functions (VNFs, e.g., IDS, firewall, and NAT). Software Defined Networking (SDN) solutions can be used to support SFC reducing the management complexity and the operational costs. One of the most critical issues for the service and network providers is the reduction of energy consumption, which should be achieved without impact to the quality of services. In this paper, we propose a novel resource (re)allocation architecture which enables energy-aware SFC for SDN-based networks. To this end, we model the problems of VNF placement, allocation of VNFs to flows, and flow routing as optimization problems. Thereafter, heuristic algorithms are proposed for the different optimization problems, in order find near-optimal solutions in acceptable times. The performance of the proposed algorithms are numerically evaluated over a real-world topology and various network traffic patterns. The results confirm that the proposed heuristic algorithms provide near optimal solutions while their execution time is applicable for real-life networks.Comment: Extended version of submitted paper - v7 - July 201

Resource Orchestration in Softwarized Networks

Network softwarization is an emerging research area that is envisioned to revolutionize the way network infrastructure is designed, operated, and managed today. Contemporary telecommunication networks are going through a major transformation, and softwarization is recognized as a crucial enabler of this transformation by both academia and industry. Softwarization promises to overcome the current ossified state of Internet network architecture and evolve towards a more open, agile, flexible, and programmable networking paradigm that will reduce both capital and operational expenditures, cut-down time-to-market of new services, and create new revenue streams. Software-Defined Networking (SDN) and Network Function Virtualization (NFV) are two complementary networking technologies that have established themselves as the cornerstones of network softwarization. SDN decouples the control and data planes to provide enhanced programmability and faster innovation of networking technologies. It facilitates simplified network control, scalability, availability, flexibility, security, cost-reduction, autonomic management, and fine-grained control of network traffic. NFV utilizes virtualization technology to reduce dependency on underlying hardware by moving packet processing activities from proprietary hardware middleboxes to virtualized entities that can run on commodity hardware. Together SDN and NFV simplify network infrastructure by utilizing standardized and commodity hardware for both compute and networking; bringing the benefits of agility, economies of scale, and flexibility of data centers to networks. Network softwarization provides the tools required to re-architect the current network infrastructure of the Internet. However, the effective application of these tools requires efficient utilization of networking resources in the softwarized environment. Innovative techniques and mechanisms are required for all aspects of network management and control. The overarching goal of this thesis is to address several key resource orchestration challenges in softwarized networks. The resource allocation and orchestration techniques presented in this thesis utilize the functionality provided by softwarization to reduce operational cost, improve resource utilization, ensure scalability, dynamically scale resource pools according to demand, and optimize energy utilization

Contribution to multi-domain network slicing : resource orchestration framework and algorithms

5G/6G services and applications, in the context of the eMBB, mMTC and uRLLC network slicing framework, whose network infrastructure requirements may span beyond the coverage area of a single Infrastructure Provider (InP), are envisaged to be supported by leasing resources from multiple InPs. A challenging aspect for a Service Provider (SP) is how to obtain an optimal set of InPs on which to provision the requests and the particular substrate nodes and links within each InP on which to map the different VNFs and virtual links of the service requests, respectively, for a seamless, reliable and cost-effective orchestration of service requests. Existing works in this area either perform service mapping in uncoordinated manner, do not incorporate service reliability or do so from the perspective of stateless VNFs. Also they assume full information disclosure, or are based on exact approaches, which considerations are not well suited for future network scenarios characterized by delay sensitive mission critical applications and resource constrained networks. This thesis contributes to the above challenge by breaking the multi-domain service orchestration problem into two interlinked sub-problems that are solved in a coordinated manner: (1) Request splitting/partitioning (sub-problem 1), involving obtaining a subset of InPs and the corresponding inter-domain links on which to provision the different VNFs and virtual links of the service request; (2) Intra-domain VNF orchestration (sub-problem 2), involving obtaining the intra-domain nodes and links to provision the VNFs and virtual links of the sub-SFC associated with each InP. In this way, the thesis sets out four key targets that are necessary to align with the mission critical and delay sensitive use-cases envisaged in 5G and future networks in terms of service deployment cost and QoS: (1) coordinated mapping of service requests, with a view of realizing better utilization of the substrate resources; (2) survivability and fault-tolerant orchestration of service requests, to tame both QoS violations and the penalties from such violations; (3) limited disclosure of InP internal information, in order adhere to the privacy requirements InPs, and (4) achieving all the above targets in polynomial time. In order to realize the above targets, the thesis sought for solution techniques that are: (1) able to incorporate information learned in the previous solutions search space and historical mapping decisions, hence, resulting in acceptable performance even in scenarios of limited information exposure and fuzzy environments; (2) robust and less problem specific, hence, can be tailored to different optimization objectives, network topologies and service request constraints, thus enabling to deal with requests with either chained topologies or with bifurcated paths; (3) capable of dealing with an optimization problem that is jointly affected by multiple attributes, since in practice, the service deployment cost is jointly affected by multiple conflicting costs; (4) able to realize near-optimal solutions in practical run-times, thus rendering well suited approaches for delay sensitive and resource constrained scenarios. Three different algorithms namely, an RL, Genetic Algorithm (GA) and a fully distributed multi-stage graph-based algorithms are proposed for sub-problem 1. In addition, five different algorithms based on GA, Harmony search, RL, and multi-stage graph approach are proposed for sub-problem 2. Finally, in order to guide the implementation and adherence of the thesis proposals to the four main targets of the thesis, an architectural framework is proposed, aligned with the ETSI NFV-MANO architectural framework. Overall, the simulations results proved that the thesis proposals are optimized in terms of request acceptance ratios, mapping cost and execution time, hence, rendering such proposals well suited for 5G and future scenarios.Els serveis que es poden presentar en el marc de la tecnologia de “slicing” de xarxa de 5G/6G, com ara eMBB, mMTC o uRLLC, es possible que no els pugui oferir un sol proveïdor d’infraestructura (InP) degut a les limitacions que pot tenir la seva xarxa, i per tant que faci necessària la cooperació de múltiples InPs. En aquest cas, el primer repte que afronta el Proveïdor de Servei (SP) que rep la sol·licitud de desplegament es determinar el conjunt òptim de InPs que hi han d’intervenir i en concret els nodes i enllaços de cada un d’ells que s’han d’utilitzar per al mapatge de les diferents VNFs i enllaços virtuals de la sol·licitud. Els treballs que existeixen en aquesta àrea duen a terme el mapatge del servei be sigui de manera no coordinada, o no incorporen la fiabilitat, o ho fan des de la perspectiva de VNFs sense estat. També, pressuposen la divulgació total de la informació, o estan basats en metodologies exactes que fa que no siguin idonis per a escenaris de xarxes del futur, caracteritzats per aplicacions de missió critica, sensibles al retard i sobre xarxes amb recursos limitats. Aquesta tesi contribueix a afrontar aquests reptes dividint el problema d’orquestració de serveis multi domini en dos subproblemes relacionats, que es resolen de manera coordinada. (1) Divisió / partició de la sol·licitud de servei (sub-problema 1), que implica l'obtenció d'un subconjunt d'InPs i els enllaços interdomini corresponents sobre els quals proporcionar les diferents VNF i enllaços virtuals de la sol·licitud de servei; (2) Orquestració VNF intradomini (sub-problema 2), que implica l'obtenció dels nodes i enllaços intradomini per aprovisionar les VNF i enllaços virtuals dels sub-SFC associats a cada InP. D'aquesta manera, la tesi estableix quatre objectius clau que són necessaris per alinear-se amb els casos d'ús de missió crítica i sensibles al retard previstos en 5G i xarxes futures en termes de cost de desplegament del servei i QoS: (1) mapatge coordinat de les sol·licituds de servei, amb l'objectiu de realitzar una millor utilització dels recursos del substrat; (2) orquestració de les sol·licituds de servei contemplant la supervivència del servei en situacions de fallides, minimitzant les violacions de la QoS i les sancions derivades d'aquestes violacions; (3) divulgació limitada de la informació interna de l’InP, per tal d'adherir-se als requisits de privadesa dels InPs, i (4) aconseguir tots els objectius anteriors en temps polinòmic. Per tal de realitzar els objectius anteriors, la tesi busca solucions que siguin: (1) capaces d'incorporar informació apresa en les solucions anteriors de l'espai de cerca i decisions de mapatge històric, donant lloc a un rendiment acceptable fins i tot en escenaris d'exposició limitada a la informació i entorns difusos; (2) robustes i menys dependents dels problemes específics, i per tant, que es poden adaptar a diferents objectius d'optimització, topologies de xarxa i restriccions de sol·licitud de servei, permetent així fer front a sol·licituds amb cadenes de funcions de topologies molt diverses; (3) capaces de fer front a un problema d'optimització de múltiples atributs, ja que a la pràctica, el cost de desplegament del servei depèn de múltiples costos; (4) capaces de trobar solucions gairebé òptimes en temps suficientment breus, resultant així adequades a escenaris sensibles al retard i amb limitació de recursos. La tesi proposa tres algorismes diferents per al sub-problema 1: un algorisme de RL, un algorisme genètic (GA) i un algorisme multi etapa basat en grafs i completament distribuït. A més, es proposen cinc algorismes diferents basats en l'enfocament de grafs, un algorisme GA, un algorisme de cerca d’harmonia, un algorisme de RL i un algorisme multi-etapa per al sub-problema 2. Finalment, per tal de guiar la implementació i l'adhesió de les propostes als quatre objectius principals de la tesi, es proposa...Postprint (published version

KALwEN: a new practical and interoperable key management scheme for body sensor networks

Key management is the pillar of a security architecture. Body sensor networks (BSNs) pose several challenges–some inherited from wireless sensor networks (WSNs), some unique to themselves–that require a new key management scheme to be tailor-made. The challenge is taken on, and the result is KALwEN, a new parameterized key management scheme that combines the best-suited cryptographic techniques in a seamless framework. KALwEN is user-friendly in the sense that it requires no expert knowledge of a user, and instead only requires a user to follow a simple set of instructions when bootstrapping or extending a network. One of KALwEN's key features is that it allows sensor devices from different manufacturers, which expectedly do not have any pre-shared secret, to establish secure communications with each other. KALwEN is decentralized, such that it does not rely on the availability of a local processing unit (LPU). KALwEN supports secure global broadcast, local broadcast, and local (neighbor-to-neighbor) unicast, while preserving past key secrecy and future key secrecy (FKS). The fact that the cryptographic protocols of KALwEN have been formally verified also makes a convincing case. With both formal verification and experimental evaluation, our results should appeal to theorists and practitioners alike

Segment Routing: a Comprehensive Survey of Research Activities, Standardization Efforts and Implementation Results

Fixed and mobile telecom operators, enterprise network operators and cloud providers strive to face the challenging demands coming from the evolution of IP networks (e.g. huge bandwidth requirements, integration of billions of devices and millions of services in the cloud). Proposed in the early 2010s, Segment Routing (SR) architecture helps face these challenging demands, and it is currently being adopted and deployed. SR architecture is based on the concept of source routing and has interesting scalability properties, as it dramatically reduces the amount of state information to be configured in the core nodes to support complex services. SR architecture was first implemented with the MPLS dataplane and then, quite recently, with the IPv6 dataplane (SRv6). IPv6 SR architecture (SRv6) has been extended from the simple steering of packets across nodes to a general network programming approach, making it very suitable for use cases such as Service Function Chaining and Network Function Virtualization. In this paper we present a tutorial and a comprehensive survey on SR technology, analyzing standardization efforts, patents, research activities and implementation results. We start with an introduction on the motivations for Segment Routing and an overview of its evolution and standardization. Then, we provide a tutorial on Segment Routing technology, with a focus on the novel SRv6 solution. We discuss the standardization efforts and the patents providing details on the most important documents and mentioning other ongoing activities. We then thoroughly analyze research activities according to a taxonomy. We have identified 8 main categories during our analysis of the current state of play: Monitoring, Traffic Engineering, Failure Recovery, Centrally Controlled Architectures, Path Encoding, Network Programming, Performance Evaluation and Miscellaneous...Comment: SUBMITTED TO IEEE COMMUNICATIONS SURVEYS & TUTORIAL