Availability-Guaranteed Service Function Chain Provisioning with Optional Shared Backups

The dynamic provisioning of Service Function Chain (SFC) using Virtual Network Functions (VNFs) is a challenging problem, especially for availability-constrained services. The provisioning of backup resources is often used to ensure that availability requirements are fulfilled. However, the assignment of backup resources should be carefully designed to avoid resource inefficiencies as much as possible.This paper proposes the Optional Backup with Shared Path and Shared Function (OBSPSF) strategy, which aims at improving resource efficiency while fulfilling the availability requirements of SFC requests. The strategy uses optional backup provisioning to ensure that backup resources are assigned only when strictly needed (i.e., when the SFC alone does not meet the availability constraint). Moreover, OBSPSF encourages backup sharing (among both connectivity and backup VNFs) to reduce the backup resource overhead. Results show that the strategy can accommodate orders-of-magnitude more services than benchmark heuristics from the literature

Storage Protection with Connectivity and Processing Restoration for Survivable Cloud Services

The operation and management of software-based communication systems and services is a big challenge for infrastructure and service providers.The challenge is mainly associated with the larger number of configurable elements and the higher dynamicity in the software-based systems compared to the classical ones. On the other hand, the modularity and programmability in software-based networks enabled by technologies like Software Defined Networking (SDN) and Network Function Virtualization (NFV) provide new opportunities for operators to realize advanced network and service management strategies beyond the classical techniques.In our work, we elaborate on these new opportunities and propose a novel strategy for the management of survivable cloud services.In particular, we leverage the flexibility of SDN and NFV to combine proactive protection and reactive restoration mechanisms and we put forward a novel strategy for enhancing the survivability of cloud services. Through comprehensive evaluations, we demonstrate that the proposed strategy offers significant benefits in terms of availability and restorability of services while reducing, at the same time, the overhead caused by the relocation of cloud services in case of failures

Building the Infrastructure for Cloud Security

Computer scienc

La seguridad en redes SDN y sus aplicaciones

Introduction: The review article is the product of the research on Security in SDN networks and their applications, developed at the District University in 2020, presenting the latest advances, that have been made in security. Problem: The security weaknesses that SDN networks have had, due to being a new architecture. This has not allowed traditional networks to be replaced.   Objective: To carry out a review of the state of the art of SDN networks, focusing research on the security of the control layer and its advances. Methodology: The descriptive method is implemented, consulting databases such as Scopus, IEEE and ScienceDirect, using the following search criteria: SDN networks, security in SDN networks, applications with SDN networks and OpenFlow protocol. It is shown as a research sample: the Asian, European and American continents with years of research from 2014 to 2020. Results: Great advances have been made in terms of security for SDN networks, which allows us to see an early solution to the weaknesses that it currently faces.   Conclusion: SDN networks will solve all the challenges they face and will be consolidated as a solid and reliable architecture.   Originality: an important focus is taken on the security of SDN networks and the great development that has occurred in this regard is evident.   Limitations: SDN networks are a new architecture, so their development has been very little and advances in security have been significantly affected.Introducción: El artículo de revisión es producto de la investigación Seguridad en redes SDN y sus aplicaciones, desarrollada en la Universidad Distrital en el año 2020, presentando los últimos avances que se han logrado en seguridad. Problema: Las debilidades en seguridad que han tenido las redes SDN debido a ser una arquitectura nueva, esto no ha permitido que se reemplacen las redes tradicionales. Objetivo: realizar una revisión del estado del arte de las redes SDN enfocando la investigación la seguridad de la capa de control y sus avances. Metodología: se emplea el método descriptivo, se consultaron bases de datos como Scopus, IEEE y ScienceDirect, utilizando los siguientes criterios de búsqueda: SDN networks, security in SDN networks, applications with SDN networks y OpenFlow protocol, se tomó como muestra de investigación a los continentes asiático, europeo y americano con años de investigación desde el año 2014 hasta el año 2020. Resultados: se han desarrollado grandes avances en seguridad para las redes SDN, lo que permite ver una pronta solución a las debilidades que afronta en la actualidad. Conclusión: las redes SDN lograran resolver todos los retos a los que se enfrentan y se consolidara como una arquitectura sólida y confiable. Originalidad: se realiza un enfoque importante en la seguridad de las redes SDN y se evidencia el gran desarrollo que se ha presentado en este aspecto. Limitaciones: las redes SDN son una arquitectura nueva por lo que su desarrollo ha sido muy poco y los avances en seguridad se vieron afectados significativamente

Availability in mobile application in IaaS cloud

Deploying software system into IaaS cloud takes infrastructure out of user's control, which diminishes visibility and changes system administration. Service outages of infrastructure services and other risks to availability have caused concern for early users of cloud. In this thesis existing web application, which is deployed in IaaS cloud, was evaluated for availability. Whole spectrum of different cloud related incidents that compromises provided service was examined. General view from availability point of view of the case Internet service was formed based on interviews. Big cloud service providers have service level agreements effective and long cloud outages are rare events. Cloud service providers build mutually independent domains or zones into infrastructure. Internet availability is largely determinative of users' perceived performance of site. Using multiple cloud service providers is a solution to cloud service unavailability. Case company had discovered requirements for availability and sufficiently prevented threats. Case company was satisfied in cloud services and there is no need to withdraw from cloud. User is a significant threat to the dependability of system, but there are no definite means to prevent user from damaging system. Taking routinely and regularly backups of data outside the cloud is the core activity in IT crisis preparedness. Application architecture was evaluated and found satisfactory. Software system contains managed database service and load balancer as an advanced feature from IaaS provider. Both services give crucial support for the availability of the system. Examined system has conceptually simple stateless recovery.Ohjelmiston käyttö IaaS -pilvessä saattaa infrastruktuurin käyttäjän kontrollin ulottumattomiin, mikä heikentää näkyvyyttä ja muuttaa järjestelmän hallintaa. Palvelukatkot infrastruktuuripalveluissa ja muut riskit saatavuudelle ovat aiheuttaneet varovaisuutta pilvipalveluiden varhaisissa käyttäjissä. Tässä diplomityössä evaluoitiin olemassa olevan ja IaaS -pilvessä käytettävän web-sovelluksen saatavuutta. Kokonainen kirjo erilaisia pilveen liittyviä tapahtumia, jotka keskeyttävät tarjotun palvelun, tutkittiin. Yleiskuva saatavuuden näkökulmasta katsottuna muodostettiin haastattelujen pohjalta. Suurilla pilvipalveluiden tarjoajilla on voimassa olevat palvelutasosopimukset ja pitkät palvelukatkot ovat harvinaisia tapahtumia. Pilvipalveluiden tarjoajat rakentavat infrastruktuuriin toisistaan riippumattomasti toimivia alueita. Suurelta osalta määräävä tekijä käyttäjien kokeman sivuston suorituskyvyn kannalta on Internetin kautta palveluun liittymisen saatavuus. Useamman pilvipalvelun tarjoajan käyttäminen on ratkaisu pilvipalvelun saatavuuteen. Case-yritys oli löytänyt vaatimukset saatavuudelle ja riittävällä tavalla estänyt riskien toteutumisen. Case-yritys oli tyytyväinen pilvipalveluihin ja pilvestä pois vetäytymiselle ei ole tarvetta. Käyttäjä on merkittävä riski järjestelmän luotettavuudelle, mutta ei ole varmoja tapoja estää käyttäjää vahingoittamasta järjestelmää. Keskeinen toiminto tietotekniseen kriisiin varautumisessa on rutiininomainen ja säännöllinen varmuuskopioiden teko. Sovelluksen arkkitehtuuria evaluoitiin ja se havaittiin tarpeita vastaavaksi. Ohjelmistojärjestelmä sisältää palveluntarjoajan ylläpitämän tietokantapalvelun ja web-palvelimien tietoliikenteen kuorman tasaajan IaaS -palvelun edistyneinä ominaisuuksina. Molemmat palvelut tukevat ratkaisevasti järjestelmän saatavuutta. Tarkastellussa järjestelmässä on käsitteellisesti yksinkertainen tilaton järjestelmän palautuminen

A new MDA-SOA based framework for intercloud interoperability

Cloud computing has been one of the most important topics in Information Technology which aims to assure scalable and reliable on-demand services over the Internet. The expansion of the application scope of cloud services would require cooperation between clouds from different providers that have heterogeneous functionalities. This collaboration between different cloud vendors can provide better Quality of Services (QoS) at the lower price. However, current cloud systems have been developed without concerns of seamless cloud interconnection, and actually they do not support intercloud interoperability to enable collaboration between cloud service providers. Hence, the PhD work is motivated to address interoperability issue between cloud providers as a challenging research objective. This thesis proposes a new framework which supports inter-cloud interoperability in a heterogeneous computing resource cloud environment with the goal of dispatching the workload to the most effective clouds available at runtime. Analysing different methodologies that have been applied to resolve various problem scenarios related to interoperability lead us to exploit Model Driven Architecture (MDA) and Service Oriented Architecture (SOA) methods as appropriate approaches for our inter-cloud framework. Moreover, since distributing the operations in a cloud-based environment is a nondeterministic polynomial time (NP-complete) problem, a Genetic Algorithm (GA) based job scheduler proposed as a part of interoperability framework, offering workload migration with the best performance at the least cost. A new Agent Based Simulation (ABS) approach is proposed to model the inter-cloud environment with three types of agents: Cloud Subscriber agent, Cloud Provider agent, and Job agent. The ABS model is proposed to evaluate the proposed framework.Fundação para a Ciência e a Tecnologia (FCT) - (Referencia da bolsa: SFRH SFRH / BD / 33965 / 2009) and EC 7th Framework Programme under grant agreement n° FITMAN 604674 (http://www.fitman-fi.eu

Transforming Large-Scale Virtualized Networks: Advancements in Latency Reduction, Availability Enhancement, and Security Fortification

In today’s digital age, the increasing demand for networks, driven by the proliferation of connected devices, data-intensive applications, and transformative technologies, necessitates robust and efficient network infrastructure. This thesis addresses the challenges posed by virtualization in 5G networking and focuses on enhancing next-generation Radio Access Networks (RANs), particularly Open-RAN (O-RAN). The objective is to transform virtualized networks into highly reliable, secure, and latency-aware systems. To achieve this, the thesis proposes novel strategies for virtual function placement, traffic steering, and virtual function security within O-RAN. These solutions utilize optimization techniques such as binary integer programming, mixed integer binary programming, column generation, and machine learning algorithms, including supervised learning and deep reinforcement learning. By implementing these contributions, network service providers can deploy O-RAN with enhanced reliability, speed, and security, specifically tailored for Ultra-Reliable and Low Latency Communications use cases. The optimized RAN virtualization achieved through this research unlocks a new era in network architecture that can confidently support URLLC applications, including Autonomous Vehicles, Industrial Automation and Robotics, Public Safety and Emergency Services, and Smart Grids