14,343 research outputs found
Impact of SDN Controllers Deployment on Network Availability
Software-defined networking (SDN) promises to improve the programmability and
flexibility of networks, but it may bring also new challenges that need to be
explored. The purpose of this technical report is to assess how the deployment
of the SDN controllers affects the overall availability of SDN. For this, we
have varied the number, homing and location of SDN controllers. A two-level
modelling approach that is used to evaluate the availability of the studied
scenarios. Our results show how network operators can use the approach to find
the optimal cost implied by the connectivity of the SDN control platform by
keeping high levels of availability.Comment: Department of Telematics, NTNU, Tech. Rep., March 201
ANCHOR: logically-centralized security for Software-Defined Networks
While the centralization of SDN brought advantages such as a faster pace of
innovation, it also disrupted some of the natural defenses of traditional
architectures against different threats. The literature on SDN has mostly been
concerned with the functional side, despite some specific works concerning
non-functional properties like 'security' or 'dependability'. Though addressing
the latter in an ad-hoc, piecemeal way, may work, it will most likely lead to
efficiency and effectiveness problems. We claim that the enforcement of
non-functional properties as a pillar of SDN robustness calls for a systemic
approach. As a general concept, we propose ANCHOR, a subsystem architecture
that promotes the logical centralization of non-functional properties. To show
the effectiveness of the concept, we focus on 'security' in this paper: we
identify the current security gaps in SDNs and we populate the architecture
middleware with the appropriate security mechanisms, in a global and consistent
manner. Essential security mechanisms provided by anchor include reliable
entropy and resilient pseudo-random generators, and protocols for secure
registration and association of SDN devices. We claim and justify in the paper
that centralizing such mechanisms is key for their effectiveness, by allowing
us to: define and enforce global policies for those properties; reduce the
complexity of controllers and forwarding devices; ensure higher levels of
robustness for critical services; foster interoperability of the non-functional
property enforcement mechanisms; and promote the security and resilience of the
architecture itself. We discuss design and implementation aspects, and we prove
and evaluate our algorithms and mechanisms, including the formalisation of the
main protocols and the verification of their core security properties using the
Tamarin prover.Comment: 42 pages, 4 figures, 3 tables, 5 algorithms, 139 reference
5G Multi-access Edge Computing: Security, Dependability, and Performance
The main innovation of the Fifth Generation (5G) of mobile networks is the
ability to provide novel services with new and stricter requirements. One of
the technologies that enable the new 5G services is the Multi-access Edge
Computing (MEC). MEC is a system composed of multiple devices with computing
and storage capabilities that are deployed at the edge of the network, i.e.,
close to the end users. MEC reduces latency and enables contextual information
and real-time awareness of the local environment. MEC also allows cloud
offloading and the reduction of traffic congestion. Performance is not the only
requirement that the new 5G services have. New mission-critical applications
also require high security and dependability. These three aspects (security,
dependability, and performance) are rarely addressed together. This survey
fills this gap and presents 5G MEC by addressing all these three aspects.
First, we overview the background knowledge on MEC by referring to the current
standardization efforts. Second, we individually present each aspect by
introducing the related taxonomy (important for the not expert on the aspect),
the state of the art, and the challenges on 5G MEC. Finally, we discuss the
challenges of jointly addressing the three aspects.Comment: 33 pages, 11 figures, 15 tables. This paper is under review at IEEE
Communications Surveys & Tutorials. Copyright IEEE 202
Resource Allocation in Networking and Computing Systems: A Security and Dependability Perspective
In recent years, there has been a trend to integrate networking and computing systems, whose management is getting increasingly complex. Resource allocation is one of the crucial aspects of managing such systems and is affected by this increased complexity. Resource allocation strategies aim to effectively maximize performance, system utilization, and profit by considering virtualization technologies, heterogeneous resources, context awareness, and other features. In such complex scenario, security and dependability are vital concerns that need to be considered in future computing and networking systems in order to provide the future advanced services, such as mission-critical applications. This paper provides a comprehensive survey of existing literature that considers security and dependability for resource allocation in computing and networking systems. The current research works are categorized by considering the allocated type of resources for different technologies, scenarios, issues, attributes, and solutions. The paper presents the research works on resource allocation that includes security and dependability, both singularly and jointly. The future research directions on resource allocation are also discussed. The paper shows how there are only a few works that, even singularly, consider security and dependability in resource allocation in the future computing and networking systems and highlights the importance of jointly considering security and dependability and the need for intelligent, adaptive and robust solutions. This paper aims to help the researchers effectively consider security and dependability in future networking and computing systems.publishedVersio
Proactive cloud management for highly heterogeneous multi-cloud infrastructures
Various literature studies demonstrated that the cloud computing paradigm can help to improve availability and performance of applications subject to the problem of software anomalies. Indeed, the cloud resource provisioning model enables users to rapidly access new processing resources, even distributed over different geographical regions, that can be promptly used in the case of, e.g., crashes or hangs of running machines, as well as to balance the load in the case of overloaded machines. Nevertheless, managing a complex geographically-distributed cloud deploy could be a complex and time-consuming task. Autonomic Cloud Manager (ACM) Framework is an autonomic framework for supporting proactive management of applications deployed over multiple cloud regions. It uses machine learning models to predict failures of virtual machines and to proactively redirect the load to healthy machines/cloud regions. In this paper, we study different policies to perform efficient proactive load balancing across cloud regions in order to mitigate the effect of software anomalies. These policies use predictions about the mean time to failure of virtual machines. We consider the case of heterogeneous cloud regions, i.e regions with different amount of resources, and we provide an experimental assessment of these policies in the context of ACM Framework
- …