A Unified Algorithm for Virtual Desktops Placement in Distributed Cloud Computing

Distributed cloud has been widely adopted to support service requests from dispersed regions, especially for large enterprise which requests virtual desktops for multiple geodistributed branch companies. The cloud service provider (CSP) aims to deliver satisfactory services at the least cost. CSP selects proper data centers (DCs) closer to the branch companies so as to shorten the response time to user request. At the same time, it also strives to cut cost considering both DC level and server level. At DC level, the expensive long distance inter-DC bandwidth consumption should be reduced and lower electricity price is sought. Inside each tree-like DC, servers are trying to be used as little as possible so as to save equipment cost and power. In nature, there is a noncooperative relation between the DC level and server level in the selection. To attain these objectives and capture the noncooperative relation, multiobjective bilevel programming is used to formulate the problem. Then a unified genetic algorithm is proposed to solve the problem which realizes the selection of DC and server simultaneously. The extensive simulation shows that the proposed algorithm outperforms baseline algorithm in both quality of service guaranteeing and cost saving

Software Defined Networking for resource allocation and monitoring: virtualization and hardware acceleration

Le reti di telecomunicazioni sono presenti in modo sempre più pervasivo nella nostra vita di tutti i giorni, e sempre più persone le usano per un numero crescente di operazioni. Gli utenti hanno aspettative sempre maggiori per le performance della rete, usandole per diverse applicazioni, con livelli sempre più alti di interattività. Le reti quindi si trovano ad avere non solo traffici sempre maggiori, e differenti pattern di traffico, ma anche una domanda crescente in termini di prestazioni offerte. In questo scenario, diviene di fondamentale importanza identificare le aree dove apportare modifiche, e le tecnologie da sfruttare e implementare in questo processo. In questa tesi, vengono esplorate le possibilità offerte dalle nuove tecnologie di virtualizzazione: nuovi approcci che permettono di virtualizzare le reti, vedendole come risorse fisiche sulle quali costruire funzioni che possono essere independenti dall’infrastruttura sottostante, esattamente come già accade con i sistemi operativi per i computer, che offrono all’utente una versione virtualizzata delle risorse hardware disponibili. In particolare, in questa tesi, ci si concentra sul concetto di Software Defined Netowrking, e su come questo approccio possa essere usato nella pratica per fornire risposte ad alcune questioni ancora aperte. Allo stesso tempo, riteniamo che al fine di operare su reti ad alte prestazioni e con throughput di rilievo, ci sia bisogno di basare le considerazioni, le decisioni da prendere, su dati il più possibile precisi, forniti da strumenti in grado di raggiungere alte risoluzioni. Questo tipo di azioni richiedono l’utilizzo di hardware ad alte prestazioni per la misura e il monitoraggio, e anche questo aspetto è stato tenuto in considerazione in questo percorso di ricerca Communication networks are more and more present in everyday life, as more and more people use them for an increasing number of operations. Users have growing expectations about network performances, while they use them with different applications, with increasing levels of interactivity. Networks not only have to deal with higher traffics, different traffic patterns, new demands, but also with higher requirements for performing operations. In this scenario, it becomes of fundamental importance to identify novel promising technologies, and understand when, where and how to deploy them in the most effective ways. In this thesis, we explore the possibilities offered by virtualization technologies: novel approaches that allow to virtualize networks, seeing them as general physical resources on which to run functions that can be separated from the real underlying infrastructure, just as it happens with the well-known operating systems for computers, that offer to the user a virtualizes version of the pool of resources available. In particular, in this thesis, we focused on studying Software Defined Networking, and how such technology can be deployed to give answers to some open issues in networking. At the same time, we have always kept in mind that in order to perform high performance operations on networks that experience high throughputs, we need to base our calculations and decisions on precise data, and have tools that allow to reach higher precisions and resolutions. These kinds of actions require the deployment of high performing hardware for measuring and monitoring, and we have kept also this aspect in consideration in our researc

An integration of slicing, NFV, and SDN for mobility management in corporate environments

Online access to information while on the move has conferred businesses with the capability to be constantly accessible and in operation, independently of geographical area or time zone. There are situations, however, that demand technical solutions for specific scenarios, such as controlled access to corporate-based content. Virtual Private Networks (VPNs) allow controlled remote access to con-tent, supporting scenarios such as teleworking. Nonetheless, such mechanisms are not commonly associated with the highly mobile users of today, which can traverse different types of access networks, while still keeping access to con-tent restricted to corporate network usage. In addition, as VPN mechanisms are disassociated from mobility procedures, service disruption can happen or specific mechanisms and clients can be required in end-user's equipment. This paper proposes a framework that leverages Network Slicing, enabled by Software Defined Networking and Network Function Virtualisation, to provide seamless and isolated access to corporate-based content while moving through heterogeneous networks. This solution allows Mobile Network Operators to dynamically instantiate isolated network slices for corporate users, and handover them between 3GPP and non-3GPP networks while users move away from the corporate network. In this way, they are able to keep access to corporate-based content in a transparent way, while maintaining access requirements for the servicebeing used. The framework was implemented and validated over an experimental testbed composed by mobile and Wi-Fi accesses, with results presenting improvements in terms of overhead signaling and data redirection without downtime nor stream reconnection.publishe

AUTOMATED NETWORK SECURITY WITH EXCEPTIONS USING SDN

Campus networks have recently experienced a proliferation of devices ranging from personal use devices (e.g. smartphones, laptops, tablets), to special-purpose network equipment (e.g. firewalls, network address translation boxes, network caches, load balancers, virtual private network servers, and authentication servers), as well as special-purpose systems (badge readers, IP phones, cameras, location trackers, etc.). To establish directives and regulations regarding the ways in which these heterogeneous systems are allowed to interact with each other and the network infrastructure, organizations typically appoint policy writing committees (PWCs) to create acceptable use policy (AUP) documents describing the rules and behavioral guidelines that all campus network interactions must abide by. While users are the audience for AUP documents produced by an organization\u27s PWC, network administrators are the responsible party enforcing the contents of such policies using low-level CLI instructions and configuration files that are typically difficult to understand and are almost impossible to show that they do, in fact, enforce the AUPs. In other words, mapping the contents of imprecise unstructured sentences into technical configurations is a challenging task that relies on the interpretation and expertise of the network operator carrying out the policy enforcement. Moreover, there are multiple places where policy enforcement can take place. For example, policies governing servers (e.g., web, mail, and file servers) are often encoded into the server\u27s configuration files. However, from a security perspective, conflating policy enforcement with server configuration is a dangerous practice because minor server misconfigurations could open up avenues for security exploits. On the other hand, policies that are enforced in the network tend to rarely change over time and are often based on one-size-fits-all policies that can severely limit the fast-paced dynamics of emerging research workflows found in campus networks. This dissertation addresses the above problems by leveraging recent advances in Software-Defined Networking (SDN) to support systems that enable novel in-network approaches developed to support an organization\u27s network security policies. Namely, we introduce PoLanCO, a human-readable yet technically-precise policy language that serves as a middle-ground between the imprecise statements found in AUPs and the technical low-level mechanisms used to implement them. Real-world examples show that PoLanCO is capable of implementing a wide range of policies found in campus networks. In addition, we also present the concept of Network Security Caps, an enforcement layer that separates server/device functionality from policy enforcement. A Network Security Cap intercepts packets coming from, and going to, servers and ensures policy compliance before allowing network devices to process packets using the traditional forwarding mechanisms. Lastly, we propose the on-demand security exceptions model to cope with the dynamics of emerging research workflows that are not suited for a one-size-fits-all security approach. In the proposed model, network users and providers establish trust relationships that can be used to temporarily bypass the policy compliance checks applied to general-purpose traffic -- typically by network appliances that perform Deep Packet Inspection, thereby creating network bottlenecks. We describe the components of a prototype exception system as well as experiments showing that through short-lived exceptions researchers can realize significant improvements for their special-purpose traffic

Mobile Oriented Future Internet (MOFI)

This Special Issue consists of seven papers that discuss how to enhance mobility management and its associated performance in the mobile-oriented future Internet (MOFI) environment. The first two papers deal with the architectural design and experimentation of mobility management schemes, in which new schemes are proposed and real-world testbed experimentations are performed. The subsequent three papers focus on the use of software-defined networks (SDN) for effective service provisioning in the MOFI environment, together with real-world practices and testbed experimentations. The remaining two papers discuss the network engineering issues in newly emerging mobile networks, such as flying ad-hoc networks (FANET) and connected vehicular networks

ACUTA Journal of Telecommunications in Higher Education

In This Issue President\u27s Message From the ACUTA CEO Booking lt-High Tech Style Near Field Communication Brings Convenience to Campus Virtualization Coming to Enterprise Networks Preparing Union College\u27s ResNet for the Post-PG Era Using Social Media During Times of Crisis Business Model lnnovation Examples in Education Institutional! Excellence Award: lUanyWare at Indiana Universit

A Survey of Software-Defined Networking: Past, Present, and Future of Programmable Networks

accepted in IEEE Communications Surveys & TutorialsInternational audienceThe idea of programmable networks has recently re-gained considerable momentum due to the emergence of the Software-Defined Networking (SDN) paradigm. SDN, often referred to as a ''radical new idea in networking'', promises to dramatically simplify network management and enable innovation through network programmability. This paper surveys the state-of-the-art in programmable networks with an emphasis on SDN. We provide a historic perspective of programmable networks from early ideas to recent developments. Then we present the SDN architecture and the OpenFlow standard in particular, discuss current alternatives for implementation and testing of SDN-based protocols and services, examine current and future SDN applications, and explore promising research directions based on the SDN paradigm