A New Paradigm to Address Threats for Virtualized Services

With the uptaking of virtualization technologies and the growing usage of public cloud infrastructures, an ever larger number of applications run outside of the traditional enterprise’s perimeter, and require new security paradigms that fit the typical agility and elasticity of cloud models in service creation and management. Though some recent proposals have integrated security appliances in the logical application topology, we argue that this approach is sub-optimal. Indeed, we believe that embedding security agents in virtualization containers and delegating the control logic to the software orchestrator provides a much more effective, flexible, and scalable solution to the problem. In this paper, we motivate our mindset and outline a novel framework for assessing cyber-threats of virtualized applications and services. We also review existing technologies that build the foundation of our proposal, which we are going to develop in the context of a joint research project

Cloud-assisted body area networks: state-of-the-art and future challenges

Body area networks (BANs) are emerging as enabling technology for many human-centered application domains such as health-care, sport, fitness, wellness, ergonomics, emergency, safety, security, and sociality. A BAN, which basically consists of wireless wearable sensor nodes usually coordinated by a static or mobile device, is mainly exploited to monitor single assisted livings. Data generated by a BAN can be processed in real-time by the BAN coordinator and/or transmitted to a server-side for online/offline processing and long-term storing. A network of BANs worn by a community of people produces large amount of contextual data that require a scalable and efficient approach for elaboration and storage. Cloud computing can provide a flexible storage and processing infrastructure to perform both online and offline analysis of body sensor data streams. In this paper, we motivate the introduction of Cloud-assisted BANs along with the main challenges that need to be addressed for their development and management. The current state-of-the-art is overviewed and framed according to the main requirements for effective Cloud-assisted BAN architectures. Finally, relevant open research issues in terms of efficiency, scalability, security, interoperability, prototyping, dynamic deployment and management, are discussed

NECOS Project: Towards Lightweight Slicing of Cloud Federated Infrastructures

The Novel Enablers for Cloud Slicing (NECOS) project addresses the limitations of current cloud computing infrastructures to respond to the demand for new services, as presented in two use-cases, that will drive the whole execution of the project. The first use-case is focused on Telco service provider and is oriented towards the adoption of cloud computing in their large networks. The second use-case is targeting the use of edge clouds to support devices with low computation and storage capacity. The envisaged solution is based on a new concept, the Lightweight Slice Defined Cloud (LSDC), as an approach that extends the virtualization to all the resources in the involved networks and data centers and provides uniform management with a high-level of orchestration. In this position paper, we discuss the motivation, objectives, architecture, research challenges (and how to overcome them) and initial efforts for the NECOS project

CogITS: Cognition-enabled network management for 5G V2X Communication

The 5G promise for ubiquitous communications is expected to be a key enabler for transportation efficiency. However, the consequent increase of both data payload and number of users derived from new Intelligent Transport Systems makes network management even more challenging; an ideal network management will need to be capable of self-managing fast moving nodes that sit in the 5G data plane. Platooning applications, for instance, need a highly flexible and high efficient infrastructure for optimal road capacity. Network management solutions have, then, to accommodate more intelligence in its decision-making process due to the network complexity of ITS. This paper proposes this envisioned architecture namely Cognition-enabled network management for 5G V2X Communication (CogITS). It is empowered by machine learning to dynamically allocate resources in the network based on traffic prediction and adaptable physical layer settings. Preliminary proof-of-concept validation results, in a platooning scenario, show that the proposed architecture can improve the overall network latency over time with a minimum increase of control message traffic

Self-Organization and Resilience for Networked Systems:Design Principles and Open Research Issues

Networked systems form the backbone of modern society, underpinning critical infrastructures such as electricity, water, transport and commerce, and other essential services (e.g., information, entertainment, and social networks). It is almost inconceivable to contemplate a future without even more dependence on them. Indeed, any unavailability of such critical systems is--even for short periods--a rather bleak prospect. However, due to their increasing size and complexity, they also require some means of autonomic formation and self-organization. This paper identifies the design principles and open research issues in the twin fields of self-organization and resilience for networked systems. In combination, they offer the prospect of combating threats and allowing essential services that run on networked systems to continue operating satisfactorily. This will be achieved, on the one hand, through the (self-)adaptation of networked systems and, on the other hand, through structural and operational resilience techniques to ensure that they can detect, defend against, and ultimately withstand challenges

View on 5G Architecture: Version 2.0

The 5G Architecture Working Group as part of the 5GPPP Initiative is looking at capturing novel trends and key technological enablers for the realization of the 5G architecture. It also targets at presenting in a harmonized way the architectural concepts developed in various projects and initiatives (not limited to 5GPPP projects only) so as to provide a consolidated view on the technical directions for the architecture design in the 5G era. The first version of the white paper was released in July 2016, which captured novel trends and key technological enablers for the realization of the 5G architecture vision along with harmonized architectural concepts from 5GPPP Phase 1 projects and initiatives. Capitalizing on the architectural vision and framework set by the first version of the white paper, this Version 2.0 of the white paper presents the latest findings and analyses with a particular focus on the concept evaluations, and accordingly it presents the consolidated overall architecture design