On the placement of security-related Virtualised Network Functions over data center networks

Middleboxes are typically hardware-accelerated appliances such as firewalls, proxies, WAN optimizers, and NATs that play an important role in service provisioning over today's data centers. Reports show that the number of middleboxes is on par with the number of routers, and consequently represent a significant commitment from an operator's capital and operational expenditure budgets. Over the past few years, software middleboxes known as Virtual Network Functions (VNFs) are replacing the hardware appliances to reduce cost, improve the flexibility of deployment, and allow for extending network functionality in short timescales. This dissertation aims at identifying the unique characteristics of security modules implementation as VNFs in virtualised environments. We focus on the placement of the security VNFs to minimise resource usage without violating the security imposed constraints as a challenge faced by operators today who want to increase the usable capacity of their infrastructures. The work presented here, focuses on the multi-tenant environment where customised security services are provided to tenants. The services are implemented as a software module deployed as a VNF collocated with network switches to reduce overhead. Furthermore, the thesis presents a formalisation for the resource-aware placement of security VNFs and provides a constraint programming solution along with examining heuristic, meta-heuristic and near-optimal/subset-sum solutions to solve larger size problems in reduced time. The results of this work identify the unique and vital constraints of the placement of security functions. They demonstrate that the granularity of the traffic required by the security functions imposes traffic constraints that increase the resource overhead of the deployment. The work identifies the north-south traffic in data centers as the traffic designed for processing for security functions rather than east-west traffic. It asserts that the non-sharing strategy of security modules will reduce the complexity in case of the multi-tenant environment. Furthermore, the work adopts on-path deployment of security VNF traffic strategy, which is shown to reduce resources overhead compared to previous approaches

Planning and Management of Cloud Computing Networks

Résumé L’évolution de l’internet a un effet important sur une grande partie de la population mondiale. On l’utilise pour communiquer, consulter de l’information, travailler et se divertir. Son utilité exceptionnelle a conduit à une explosion de la quantité d’applications et de ressources informatiques. Cependant, la croissance du réseau entraîne une importante consommation énergétique. Si la consommation énergétique des réseaux de télécommunications et des centres de données était celle d’un pays, il se classerait 5e pays du monde. Pis, le nombre de serveurs dans le monde devrait être multiplié par 10 entre 2013 et 2020. Ce contexte nous a motivé à étudier des techniques et des méthodes pour affecter les ressources d’une façon optimale par rapport aux coûts, à la qualité de service, à la consommation énergétique et `a l’impact écologique. Les résultats que nous avons obtenus minimisent les dépenses d’investissement (CAPEX) et les dépenses d’exploitation (OPEX), réduisent d’un facteur 6 le temps de réponse, diminuent la consommation énergétique de 30% et divisent les émissions de CO2 par un facteur 60. L’infonuagique permet l’accès dynamique aux ressources informatiques comme un service. Les programmes sont exécutés sur des serveurs connectés `a l’internet, et les usagers peuvent les utiliser depuis leurs ordinateurs et dispositifs mobiles. Le premier avantage de cette architecture est de réduire le temps de mise en place des applications et l’interopérabilité. En effet, un nouvel utilisateur n’a besoin que d’un navigateur web. Il n’est forcé ni d’installer de programmes sur son ordinateur, ni de posséder un système d’exploitation spécifique. Le deuxième avantage est la disponibilité des applications et de l’information de fa ̧con continue. Celles-ci peuvent être utilisées `a partir de n’importe quel endroit et de n’importe quel dis- positif connecté `a l’internet. De plus, les serveurs et les ressources informatiques peuvent être affectés aux applications de fa ̧con dynamique, selon la quantité d’utilisateurs et la charge de travail. C’est ce que l’on appelle l’élasticité des applications.---------- Abstract The evolution of the Internet has a great impact on a big part of the population. People use it to communicate, query information, receive news, work, and as entertainment. Its extraordinary usefulness as a communication media made the number of applications and technological resources explode. However, that network expansion comes at the cost of an important power consumption. If the power consumption of telecommunication networks and data centers is considered as the power consumption of a country, it would rank at the 5th place in the world. Furthermore, the number of servers in the world is expected to grow by a factor of 10 between 2013 and 2020. This context motivates us to study techniques and methods to allocate cloud computing resources in an optimal way with respect to cost, quality of service (QoS), power consumption, and environmental impact. The results we obtained from our test cases show that besides minimizing capital expenditures (CAPEX) and operational expenditures (OPEX), the response time can be reduced up to 6 times, power consumption by 30%, and CO2 emissions by a factor of 60. Cloud computing provides dynamic access to IT resources as a service. In this paradigm, programs are executed in servers connected to the Internet that users access from their computers and mobile devices. The first advantage of this architecture is to reduce the time of application deployment and interoperability, because a new user only needs a web browser and does not need to install software on local computers with specific operating systems. Second, applications and information are available from everywhere and with any device with an Internet access

A Review On Green Cloud Computing

The objective of green computing is to reap monetary growth and enhance the way the computing devices are used. In large data centers computational offloading is main problem due to increased demand for timely and response for real time application which lead to high energy consumption by data centers, so the aim of green computing is to find energy efficient solution which monopolize optimal utilization of the available resources. Green IT methods comprises of environmentally viable management, energy efficient computers and enhanced recycling procedures. By using different algorithm and energy efficient scheduling power consumption of virtual machine can be minimize, this paper provide an overview of different algorithms and techniques which are used to move towards the green computing

Resource Orchestration in Softwarized Networks

Network softwarization is an emerging research area that is envisioned to revolutionize the way network infrastructure is designed, operated, and managed today. Contemporary telecommunication networks are going through a major transformation, and softwarization is recognized as a crucial enabler of this transformation by both academia and industry. Softwarization promises to overcome the current ossified state of Internet network architecture and evolve towards a more open, agile, flexible, and programmable networking paradigm that will reduce both capital and operational expenditures, cut-down time-to-market of new services, and create new revenue streams. Software-Defined Networking (SDN) and Network Function Virtualization (NFV) are two complementary networking technologies that have established themselves as the cornerstones of network softwarization. SDN decouples the control and data planes to provide enhanced programmability and faster innovation of networking technologies. It facilitates simplified network control, scalability, availability, flexibility, security, cost-reduction, autonomic management, and fine-grained control of network traffic. NFV utilizes virtualization technology to reduce dependency on underlying hardware by moving packet processing activities from proprietary hardware middleboxes to virtualized entities that can run on commodity hardware. Together SDN and NFV simplify network infrastructure by utilizing standardized and commodity hardware for both compute and networking; bringing the benefits of agility, economies of scale, and flexibility of data centers to networks. Network softwarization provides the tools required to re-architect the current network infrastructure of the Internet. However, the effective application of these tools requires efficient utilization of networking resources in the softwarized environment. Innovative techniques and mechanisms are required for all aspects of network management and control. The overarching goal of this thesis is to address several key resource orchestration challenges in softwarized networks. The resource allocation and orchestration techniques presented in this thesis utilize the functionality provided by softwarization to reduce operational cost, improve resource utilization, ensure scalability, dynamically scale resource pools according to demand, and optimize energy utilization

Optimized resource distribution for interactive TV applications

This paper proposes a novel resource optimization scheme for cloud-based interactive television applications that are increasingly believed to be the future of television broadcasting and media consumption, in general. The varying distribution of groups of users and the need for on-the-fly media processing inherent to this type of application necessitates a mechanism to efficiently allocate the resources at both a content and network level. A heuristic solution is proposed in order to (a) generate end-to-end delay bound multicast trees for individual groups of users and (b) co-locate multiple multicast trees, such that a minimum group quality metric can be satisfied. The performance of the proposed heuristic solution is evaluated in terms of the serving probability (i.e., the resource utilization efficiency) and execution time of the resource allocation decision making process. It is shown that improvements in the serving probability of up to 50%, in comparison with existing resource allocation schemes, and several orders of magnitude reduction of the execution time, in comparison to the linear programming approach to solving the optimization problem, can be achieved

Cloud computing resource scheduling and a survey of its evolutionary approaches

A disruptive technology fundamentally transforming the way that computing services are delivered, cloud computing offers information and communication technology users a new dimension of convenience of resources, as services via the Internet. Because cloud provides a finite pool of virtualized on-demand resources, optimally scheduling them has become an essential and rewarding topic, where a trend of using Evolutionary Computation (EC) algorithms is emerging rapidly. Through analyzing the cloud computing architecture, this survey first presents taxonomy at two levels of scheduling cloud resources. It then paints a landscape of the scheduling problem and solutions. According to the taxonomy, a comprehensive survey of state-of-the-art approaches is presented systematically. Looking forward, challenges and potential future research directions are investigated and invited, including real-time scheduling, adaptive dynamic scheduling, large-scale scheduling, multiobjective scheduling, and distributed and parallel scheduling. At the dawn of Industry 4.0, cloud computing scheduling for cyber-physical integration with the presence of big data is also discussed. Research in this area is only in its infancy, but with the rapid fusion of information and data technology, more exciting and agenda-setting topics are likely to emerge on the horizon

Algorithms for advance bandwidth reservation in media production networks

Media production generally requires many geographically distributed actors (e.g., production houses, broadcasters, advertisers) to exchange huge amounts of raw video and audio data. Traditional distribution techniques, such as dedicated point-to-point optical links, are highly inefficient in terms of installation time and cost. To improve efficiency, shared media production networks that connect all involved actors over a large geographical area, are currently being deployed. The traffic in such networks is often predictable, as the timing and bandwidth requirements of data transfers are generally known hours or even days in advance. As such, the use of advance bandwidth reservation (AR) can greatly increase resource utilization and cost efficiency. In this paper, we propose an Integer Linear Programming formulation of the bandwidth scheduling problem, which takes into account the specific characteristics of media production networks, is presented. Two novel optimization algorithms based on this model are thoroughly evaluated and compared by means of in-depth simulation results

QoS-aware Cloud Infrastructure Provisioning in Heterogeneous Environments

Over the last decades Information Technology (IT) has become an enabler for nearly all businesses from industrial production to finance. The IT resources required for these business activities are usually provided by local and remote data centers. Although most resources are still hosted in companies’ proprietary data centers, cloud computing initiated a paradigm shift in IT service provisioning from owning to leasing resources and services. Today, over 50% of German companies use cloud services while shifting services into the cloud has become an emerging trend. Cloud computing, which is often referred to as the fifth utility in addition to water, electricity, gas, and telephony, provides commoditized computation resources that are available any time on demand in the required quantity. However, in contrast to other commodities, a single quality level is insufficient for IT service provisioning. Instead, the required quality for a provided IT service depends on the various functional and non-functional requirements. For example, highly interactive applications such as cloud gaming require a high quality level in terms of latency. Providers of cloud services have to face a highly competitive market. Cost advantages in cloud computing are primarily achieved by utilizing large centralized data centers at low-cost locations. However, this kind of resource provisioning impacts the quality of service of different types of services such as the aforementioned interactive multimedia services that possess strict quality of service constraints. Hence, infrastructure providers have to face a trade-off between cost reduction and adherence to the required Quality of Service (QoS) attributes. Apart from how services are provisioned, the way of consuming IT services also changed substantially over the last years. Mobile devices have begun to replace locally installed desktop computers at an accelerated pace. By utilizing these mobile devices, service providers are confronted with two major challenges: (i) a cellular network connection, which potentially causes a higher and more fluctuating latency and (ii) severely limited resources compared to local Personal Computers (PCs). These two aspects restrict the utilization of multimedia services, e. g., cloud gaming. To address these challenges, we present two novel approaches for (i) resource planning on a global level for multiple services with heterogeneous QoS characteristics and (ii) the augmentation of the centralized cloud infrastructure with locally installed resources to provide viable multimedia services to mobile devices. As the first major contribution, we introduce the Cloud Data Center Selection Problem (CDCSP). This problem describes the data center placement and resource selection on a global scale. We consider the role of a cloud provider, who aims to dimension resources in a cost-minimal fashion under the consideration of multiple services with different QoS attributes. Based on a mathematical optimization model, we propose the exact solution approach CDCSP-EXA.KOM. Due to the high complexity and the resulting computational effort to find the optimal solution, we propose and analyze four heuristic approaches to identify the most appropriate one for the given problem. As a first heuristic, we propose an approach based on linear program relaxation, CDCSP-REL.KOM. Furthermore, to take the specific structure of the problem into consideration, we develop the custom tailored CDCSP-PBST.KOM approach, which is based on a prioritized processing of demands and supplies. To further improve the results, we combine multiple heuristics to a Best-of-Breed approach, named CDCSP-BoB. KOM. Finally, as a metaheuristic improvement procedure, we propose the tabu search approach CDCSP-TS.KOM. To assess the practical applicability and performance of these optimization approaches, we analyze them in detail and compare their performance in a quantitatively. The second major contribution of this work addresses the augmentation of the centralized cloud infrastructure with local resources to provide services to mobile devices. Therefore, we formulate the Dynamic Cloudlet Placement and Selection Problem (DCPSP), as a multi-period resource planning problem, which includes local characteristics, such as space for hosting resources and available network bandwidth. We focus on a cloud provider who aims to augment the centralized infrastructure using local resources to improve the QoS guarantees for mobile used applications. We formalize the problem as a mathematical optimization model and derive the exact solution approach DCPSP-EXA.KOM. Due to the high complexity that is caused by an optimization over many time slots, we propose the heuristic optimization approach DCPSP-HEU.KOM. We assess the performance of these two approaches by the means of quantitative evaluation. In summary, the contributions of this thesis provide the means for a cost-efficient and QoS-aware resource selection in cloud infrastructures. We contribute the formalization of the problems and algorithms to support the efficient planning of future cloud infrastructures in environments with a multitude of heterogeneous services on a global scale. Furthermore, to enable mobile users to consume multimedia cloud services, we propose an optimization model and algorithms to augment a global centralized infrastructure by local resource units