Leveraging Semantic Web Technologies for Managing Resources in a Multi-Domain Infrastructure-as-a-Service Environment

This paper reports on experience with using semantically-enabled network resource models to construct an operational multi-domain networked infrastructure-as-a-service (NIaaS) testbed called ExoGENI, recently funded through NSF's GENI project. A defining property of NIaaS is the deep integration of network provisioning functions alongside the more common storage and computation provisioning functions. Resource provider topologies and user requests can be described using network resource models with common base classes for fundamental cyber-resources (links, nodes, interfaces) specialized via virtualization and adaptations between networking layers to specific technologies. This problem space gives rise to a number of application areas where semantic web technologies become highly useful - common information models and resource class hierarchies simplify resource descriptions from multiple providers, pathfinding and topology embedding algorithms rely on query abstractions as building blocks. The paper describes how the semantic resource description models enable ExoGENI to autonomously instantiate on-demand virtual topologies of virtual machines provisioned from cloud providers and are linked by on-demand virtual connections acquired from multiple autonomous network providers to serve a variety of applications ranging from distributed system experiments to high-performance computing

Path computation in multi-layer networks: Complexity and algorithms

Carrier-grade networks comprise several layers where different protocols coexist. Nowadays, most of these networks have different control planes to manage routing on different layers, leading to a suboptimal use of the network resources and additional operational costs. However, some routers are able to encapsulate, decapsulate and convert protocols and act as a liaison between these layers. A unified control plane would be useful to optimize the use of the network resources and automate the routing configurations. Software-Defined Networking (SDN) based architectures, such as OpenFlow, offer a chance to design such a control plane. One of the most important problems to deal with in this design is the path computation process. Classical path computation algorithms cannot resolve the problem as they do not take into account encapsulations and conversions of protocols. In this paper, we propose algorithms to solve this problem and study several cases: Path computation without bandwidth constraint, under bandwidth constraint and under other Quality of Service constraints. We study the complexity and the scalability of our algorithms and evaluate their performances on real topologies. The results show that they outperform the previous ones proposed in the literature.Comment: IEEE INFOCOM 2016, Apr 2016, San Francisco, United States. To be published in IEEE INFOCOM 2016, \<http://infocom2016.ieee-infocom.org/\&g

Trends in Computer Network Modeling Towards the Future Internet

This article provides a taxonomy of current and past network modeling efforts. In all these efforts over the last few years we see a trend towards not only describing the network, but connected devices as well. This is especially current given the many Future Internet projects, which are combining different models, and resources in order to provide complete virtual infrastructures to users. An important mechanism for managing complexity is the creation of an abstract model, a step which has been undertaken in computer networks too. The fact that more and more devices are network capable, coupled with increasing popularity of the Internet, has made computer networks an important focus area for modeling. The large number of connected devices creates an increasing complexity which must be harnessed to keep the networks functioning. Over the years many different models for computer networks have been proposed, and used for different purposes. While for some time the community has moved away from the need of full topology exchange, this requirement resurfaced for optical networks. Subsequently, research on topology descriptions has seen a rise in the last few years. Many different models have been created and published, yet there is no publication that shows an overview of the different approaches.

An integrated SDN architecture for application driven networking

The target of our effort is the definition of a dynamic network architecture meeting the requirements of applications competing for reliable high performance network resources. These applications have different requirements regarding reli- ability, bandwidth, latency, predictability, quality, reliable lead time and allocatability. At a designated instance in time a virtual network has to be defined automatically for a limited period of time, based on an existing physical network infrastructure, which implements the requirements of an application. We suggest an integrated Software Defined Network (SDN) architecture providing highly customizable functionalities required for efficient data transfer. It consists of a service interface towards the application and an open network interface towards the physical infrastruc- ture. Control and forwarding plane are separated for better scalability. This type of architecture allows to negotiate the reser- vation of network resources involving multiple applications with different requirement profiles within multi-domain environments

Challenges and solutions for secure information centric networks: a case study of the NetInf architecture

A large number of emerging Internet applications require information dissemination across different organizational boundaries, heterogeneous platforms, and a large, dynamic population of publishers and subscribers. A new information-centric network architecture called Network of Information (NetInf) has been developed in the context of the FP7 EU-funded 4WARD project. This architecture can significantly improve large scale information distribution. Furthermore, it supports future mobile networks in situations with intermittent and heterogeneous connectivity and connects the digital with the physical world to enable better user experience. However, NetInf is still in an early stage of implementation and its security is yet to be evaluated. The security concern of NetInf is a major factor for its wide-scale adoption. Therefore, this paper uses the X.805 security standard to analyse the security of the NetInf architecture. The analysis highlights the main source of threats and potential security services to tackle them. The paper also defines a threat model in the form of possible attacks against the NetInf architecture

Challenges and solutions for secure information centric networks: a case study of the NetInf architecture

A large number of emerging Internet applications require information dissemination across different organizational boundaries, heterogeneous platforms, and a large, dynamic population of publishers and subscribers. A new information-centric network architecture called Network of Information (NetInf) has been developed in the context of the FP7 EU-funded 4WARD project. This architecture can significantly improve large scale information distribution. Furthermore, it supports future mobile networks in situations with intermittent and heterogeneous connectivity and connects the digital with the physical world to enable better user experience. However, NetInf is still in an early stage of implementation and its security is yet to be evaluated. The security concern of NetInf is a major factor for its wide-scale adoption. Therefore, this paper uses the X.805 security standard to analyse the security of the NetInf architecture. The analysis highlights the main source of threats and potential security services to tackle them. The paper also defines a threat model in the form of possible attacks against the NetInf architecture

Analisis Kerentanan Dan Kehandalan Layanan Jaringan Cloud Berbasis Platform Eucalyptus

Cloud computing is a computing paradigm that evolves from existing technology, such as grid computing, virtualization and the Internet. Cloud computing provides an illusion of unlimited computing resources, which can be accessed from anywhere, anytime. Despite the potential gains achieved from the cloud computing, the model security is still questionable which hindered adoption. The security problem becomes more complicated under the cloud model as new dimensions have entered into the problem scope related to the model architecture, multi-tenancy, elasticity, and layers dependency stack. Eucalyptus-based cloud network services widely deployed as private cloud infrastructure. Experiment on this paper focused on finding potential denial-of-service (DOS) and the impact on ability to provide services during attack. We observe an increase on response time up to 2863.22% during attack to the web-based management service. Reducing average system load to an acceptable level, help prevents disruption of the service, by implementing rate control and rate limit on cloud controller

A distributed topology information system for optical networks based on the semantic web

The research networking community has embraced novel network architectures to provide e-Science applications with dedicated connections instead of shared links. IP and optical services converge in these new infrastructures to form hybrid networks. Lightpaths are the services offered to clients in the optical portion of the network. They are chosen because they guarantee the appropriate QoS in terms of bandwidth and latency. NDL-the Network Description Language-is a data model offering users and providers of lightpaths with a common ontology to describe topology information of hybrid optical networks. The strength of NDL is that it supports a wide range of applications, including pathfinding, visualisation and asset management, via the definition of a common data model to exchange network descriptions. Since NDL is based on the Semantic Web techniques, it is straightforward to relate NDL with application-specific ontologies. In this paper we present the current status of the NDL schemas and its use in several applications