4,469 research outputs found
Introducing Development Features for Virtualized Network Services
Network virtualization and softwarizing network functions are trends aiming
at higher network efficiency, cost reduction and agility. They are driven by
the evolution in Software Defined Networking (SDN) and Network Function
Virtualization (NFV). This shows that software will play an increasingly
important role within telecommunication services, which were previously
dominated by hardware appliances. Service providers can benefit from this, as
it enables faster introduction of new telecom services, combined with an agile
set of possibilities to optimize and fine-tune their operations. However, the
provided telecom services can only evolve if the adequate software tools are
available. In this article, we explain how the development, deployment and
maintenance of such an SDN/NFV-based telecom service puts specific requirements
on the platform providing it. A Software Development Kit (SDK) is introduced,
allowing service providers to adequately design, test and evaluate services
before they are deployed in production and also update them during their
lifetime. This continuous cycle between development and operations, a concept
known as DevOps, is a well known strategy in software development. To extend
its context further to SDN/NFV-based services, the functionalities provided by
traditional cloud platforms are not yet sufficient. By giving an overview of
the currently available tools and their limitations, the gaps in DevOps for
SDN/NFV services are highlighted. The benefit of such an SDK is illustrated by
a secure content delivery network service (enhanced with deep packet inspection
and elastic routing capabilities). With this use-case, the dynamics between
developing and deploying a service are further illustrated
HIL: designing an exokernel for the data center
We propose a new Exokernel-like layer to allow mutually untrusting physically deployed services to efficiently share the resources of a data center. We believe that such a layer offers not only efficiency gains, but may also enable new economic models, new applications, and new security-sensitive uses. A prototype (currently in active use) demonstrates that the proposed layer is viable, and can support a variety of existing provisioning tools and use cases.Partial support for this work was provided by the MassTech Collaborative Research Matching Grant Program, National Science Foundation awards 1347525 and 1149232 as well as the several commercial partners of the Massachusetts Open Cloud who may be found at http://www.massopencloud.or
Deploying Virtual Machines on Shared Platforms
In this report, we describe mechanisms for secure deployment of virtual machines on shared platforms looking into a telecommunication cloud use case, which is also presented in this report. The architecture we present focuses on the security requirements of the major stakeholders’ part of the scenario we present. This report comprehensively covers all major security aspects including different security mechanisms and protocols, leveraging existing standards and state-of-the art wherever applicable. In particular, our architecture uses TCG technologies for trust establishment in the deployment of operator virtual machines on shared resource platforms. We also propose a novel procedure for securely launching and cryptographically binding a virtual machine to a target platform thereby protecting the operator virtual machine and its related credentials
- …