    Issues and Challenges for Network Virtualisation

    In recent years, network virtualisation has been of great interest to researchers, being a relatively new and major paradigm in networking. This has been reflected in the IT industry, where many virtualisation solutions are being marketed as revolutionary and purchased by enterprises to exploit these promised performances. Conversely, there are certain drawbacks, like security, isolation and others, that have held back network virtualisation. In this study, the different state-of-the-art virtualisation technologies and their issues and challenges are investigated, and a guideline for a quintessential Network Virtualisation Environment (NVE) is proposed. A systematic review was carried out on selectively picked research papers and technical reports. Moreover, a comparative study is performed on different network virtualisation technologies, covering features such as security, isolation, stability, convergence, outlay, scalability, robustness, manageability, resource management, programmability, flexibility, heterogeneity, legacy support and ease of deployment. The virtualisation technologies comprise Virtual Private Network (VPN), Virtual Local Area Network (VLAN), Virtual Extensible Local Area Network (VXLAN), Software Defined Networking (SDN) and Network Function Virtualisation (NFV). In conclusion, the results exhibited the disparity as to the gaps in creating an ideal network virtualisation model, which can be circumvented using these as a benchmark.

    A Study on Security Attributes of Software-Defined Wide Area Network

    For organizations to communicate important data across various branches, a reliable Wide Area Network (WAN) is important. The increase in several factors, such as the usage of cloud services, WAN bandwidth demand, the cost of leased lines, the complexity of building and managing a WAN and changing business needs, has led to the need for a next-generation WAN. Software-defined wide area network (SD-WAN) is an emerging trend in today's networking world, as it simplifies network management and provides seamless integration with the cloud. Compared to Multiprotocol Label Switching (MPLS), which is predominantly used in traditional WAN architectures, SD-WAN incurs less cost, is highly secure and offers great performance. This paper mainly focuses on investigating this next-generation WAN's security attributes, as security plays a crucial role in SD-WAN implementation. The goal of the paper is to analyze SD-WAN security by applying the principles of the CIA triad. A comparison of the SD-WAN products offered by three different vendors in the SD-WAN market with respect to their security is another important area covered in this paper.

    On the Rollout of Network Slicing in Carrier Networks: A Technology Radar

    Network slicing is a powerful paradigm for network operators to support use cases with widely diverse requirements atop a common infrastructure. As 5G standards are completed and commercial solutions mature, operators need to start thinking about how to integrate network slicing capabilities in their assets, so that customer-facing solutions can be made available in their portfolio. This integration is, however, not an easy task, due to the heterogeneity of assets that typically exist in carrier networks. In this regard, 5G commercial networks may consist of a number of domains, each with a different technological pace, and built out of products from multiple vendors, including legacy network devices and functions. These multi-technology, multi-vendor and brownfield features constitute a challenge for the operator, which is required to deploy and operate slices across all these domains in order to satisfy the end-to-end nature of the services hosted by these slices. In this context, the only realistic option for operators is to introduce slicing capabilities progressively, following a phased approach in their roll-out. The purpose of this paper is precisely to help design this kind of plan, by means of a technology radar. The radar identifies a set of solutions enabling network slicing on the individual domains, and classifies these solutions into four rings, each corresponding to a different timeline: (i) as-is ring, covering today's slicing solutions; (ii) deploy ring, corresponding to solutions available in the short term; (iii) test ring, considering medium-term solutions; and (iv) explore ring, with solutions expected in the long run. This classification is done based on the technical availability of the solutions, together with the foreseen market demands. The value of this radar lies in its ability to provide a complete view of the slicing landscape with one single snapshot, by linking solutions to information that operators may use for decision making in their individual go-to-market strategies.
    Funding: H2020 European Projects 5G-VINNI (grant agreement No. 815279) and 5G-CLARITY (grant agreement No. 871428); Spanish national project TRUE-5G (PID2019-108713RB-C53).

    Hybrid SDN Evolution: A Comprehensive Survey of the State-of-the-Art

    Software-Defined Networking (SDN) is an evolutionary networking paradigm which has been adopted by large network and cloud providers, among which are the Tech Giants. However, embracing a new and futuristic paradigm as an alternative to the well-established and mature legacy networking paradigm requires a lot of time along with considerable financial resources and technical expertise. Consequently, many enterprises cannot afford it. A compromise solution then is a hybrid networking environment (a.k.a. Hybrid SDN (hSDN)) in which SDN functionalities are leveraged while existing traditional network infrastructures are acknowledged. Recently, hSDN has been seen as a viable networking solution for a diverse range of businesses and organizations. Accordingly, the body of literature on hSDN research has grown remarkably. On this account, we present this paper as a comprehensive state-of-the-art survey which expands upon hSDN from many different perspectives.

    Building the Infrastructure for Cloud Security

    Computer science

    Integração do paradigma de cloud computing com a infraestrutura de rede do operador

    Doctorate in Informatics Engineering
    The proliferation of Internet access allows users to use services available directly through the Internet, which translates into a change in the paradigm of using applications and in the way of communicating, popularizing in this way the so-called cloud computing paradigm. Cloud computing brings with it requirements at two different levels: at the cloud level, usually relying on centralized data centers, where information technology and network resources must be able to guarantee the demand of such services; and at the access level, i.e., depending on the service being consumed, different quality of service is required in the access network, which is a Network Operator (NO) domain. In summary, there is an obvious network dependency. However, the network has been playing a relatively minor role, mostly as a provider of (best-effort) connectivity within the cloud and in the access network. The work developed in this Thesis enables the effective integration of cloud and NO domains, allowing the required network support for the cloud. We propose a framework and a set of associated mechanisms for the integrated management and control of cloud computing and NO domains to provide end-to-end services. Moreover, we elaborate a thorough study on the embedding of virtual resources in this integrated environment. The study focuses on maximizing the hosting of virtual resources on the physical infrastructure through optimal embedding strategies (considering the initial allocation of resources as well as adaptations through time), while at the same time minimizing the costs associated with energy consumption, in single and multiple domains. Furthermore, we explore how the NO can take advantage of the integrated environment to host traditional network functions. In this sense, we study how virtual network Service Functions (SFs) should be modelled and managed in a cloud environment and enhance the framework accordingly. A thorough evaluation of the proposed solutions was performed in the scope of this Thesis, assessing their benefits. We implemented proofs of concept to prove the added value, feasibility and easy deployment characteristics of the proposed framework. Furthermore, the embedding strategies evaluation has been performed through simulation and Integer Linear Programming (ILP) solving tools, and it showed that it is possible to reduce the physical infrastructure energy consumption without jeopardizing the virtual resources acceptance. This fact can be further increased by allowing virtual resource adaptation through time. However, one should have in mind the costs associated with adaptation processes. The costs can be minimized, but the virtual resource acceptance can also be reduced. This tradeoff has also been a subject of the work in this Thesis.
    The proliferation of Internet access allows users to use services made available directly through the Internet, which translates into a paradigm shift in the way applications are used and in the way of communicating, thereby popularising the concept known as cloud computing. Cloud computing brings with it requirements at two levels: at the level of the cloud itself, generally dependent on centralised data centres, where information technologies and network resources have to be able to guarantee the demands of these services; and at the access level, that is, depending on the service being consumed, different levels of quality of service are required in the access network, a network operator domain. In short, there is a clear dependency of the cloud on the network. However, the role the network has been playing in this context is limited, being mainly a provider of (best-effort) connectivity both in the cloud domain and in the access network. The work developed in this Thesis enables an effective integration of the cloud and network operator domains, thus giving the cloud effective network support. To this end, we present a platform and a set of associated mechanisms for the integrated management and control of cloud computing and network operator domains in order to provide end-to-end services. In addition, we carry out an in-depth study on the embedding of virtual resources in this integrated environment. The study focuses on maximising the hosting of virtual resources on the physical infrastructure through optimal embedding strategies (considering the initial allocation of resources as well as adaptations over time), while minimising the costs associated with energy consumption. This study is carried out for single-domain scenarios and for multi-domain scenarios. Furthermore, we explore how the network operator can take advantage of this integrated environment to support traditional network functions. In this sense, we study how virtualised network functions should be modelled and managed in a cloud environment and extend the platform according to this concept. Within the scope of this Thesis an extensive evaluation of the proposed solutions was performed, assessing their benefits. We implemented proofs of concept to demonstrate the added value, feasibility and ease of deployment of the proposed solutions. In addition, the evaluation of the embedding strategies was carried out using simulation and integer linear programming tools, showing that it is possible to reduce the energy consumption of the physical infrastructure without compromising the acceptance of virtual resources. This can be further improved by adapting virtual resources over time. However, the costs associated with adaptation processes must be kept in mind. The costs can be minimised, but this implies a reduction in the acceptance of virtual resources. This trade-off was also a topic addressed in this Thesis.

    Towards a cloud enabler : from an optical network resource provisioning system to a generalized architecture for dynamic infrastructure services provisioning

    This work was developed during a period when most optical management and provisioning systems were manual and proprietary. This work contributed to the evolution of the state of the art of optical networks with new architectures and advanced virtual infrastructure services. The evolution of optical networks, and of the Internet globally, has been very promising during the last decade. The impact of mobile technology, grid, cloud computing, HDTV, augmented reality and big data, among many others, has driven the evolution of optical networks towards current service technologies, mostly based on SDN (Software Defined Networking) architectures and NFV (Network Functions Virtualisation). Moreover, the convergence of IP/optical networks and IT services, and the evolution of the Internet and optical infrastructures, have generated novel service orchestrators and open source frameworks. In fact, technology has evolved so fast that no one could foresee how important the Internet would be for our current lives. In other words, technology was forced to evolve in a way that made network architectures much more transparent, dynamic and flexible to the end users (applications, user interfaces or simple APIs). This Thesis exposes the work done on defining new architectures for Service Oriented Networks and the contribution to the state of the art. The research work is divided into three topics. It describes the evolution from a Network Resource Provisioning System to an advanced Service Plane, and ends with a new architecture that virtualized the optical infrastructure in order to provide coordinated, on-demand and dynamic services between the application and the network infrastructure layer, becoming an enabler for the new generation of cloud network infrastructures. The work done on defining a Network Resource Provisioning System established the first bases for future work on network infrastructure virtualization. The UCLP (User Light Path Provisioning) technology was the first attempt at Customer Empowered Networks and Articulated Private Networks. It empowered the users and brought virtualization and partitioning functionalities into the optical data plane, with new interfaces for dynamic service provisioning. The work done within the development of a new Service Plane allowed the provisioning of on-demand connectivity services from the application, in a multi-domain and multi-technology scenario based on a virtual network infrastructure composed of resources from different infrastructure providers. This Service Plane facilitated the deployment of applications consuming large amounts of data under deterministic conditions, thus allowing networks to behave as a Grid-class resource. It became the first on-demand provisioning system that at lower levels allowed the creation of one virtual domain composed of resources from different providers. The last research topic presents an architecture that consolidated the work done in virtualisation while enhancing the capabilities offered to upper layers, thus fully integrating the optical network infrastructure into the cloud environment, and so providing an architecture that enabled cloud services by integrating the request of optical network and IT infrastructure services together at the same level. It set up a new trend in the research community and evolved towards the technology we use today based on SDN and NFV. Summing up, the work presented is focused on the provisioning of virtual infrastructures from the architectural point of view of optical networks and IT infrastructures, together with the design and definition of novel service layers. That is, architectures that enabled the creation of virtual infrastructures composed of optical networks and IT resources, isolated and provisioned on demand and in advance with infrastructure re-planning functionalities, and a new set of interfaces to open up those services to applications or third parties.
    This thesis was developed during a period when most optical network management systems were manual and based on proprietary systems. In this sense, the work presented contributed to the evolution of the state of the art in optical networks, both at the level of architectures and of virtual infrastructure provisioning. The evolution of optical networks, and of the Internet worldwide, has been very promising over the last decade. The impact of mobile technology, cloud computing, high-definition television, augmented reality and big data, among many others, has driven the evolution towards high-performance networks with new services based on SDN (Software Defined Networking) and NFV (Network Functions Virtualisation). On the other hand, the convergence of optical networks and IT services, together with the evolution of the Internet and optical infrastructures, has generated new service orchestrators and open-source frameworks. Technology has evolved at a speed at which no one could have predicted the importance the Internet is having in our daily lives. In other words, technology was forced to evolve in a way that made network architectures more transparent, dynamic and flexible towards end users (applications, user interfaces or simple APIs). This Thesis presents new service-oriented optical network architectures. The research work is divided into three topics. A network resource virtualisation and provisioning system is presented, along with its evolution into an advanced service plane, ending with the design of a new architecture capable of virtualising the optical and IT infrastructure and providing coordinated, on-demand services between the application and the optical network infrastructure layer. It thereby becomes an enabler for the new generation of cloud network infrastructures. The work carried out in defining the resource virtualisation system laid the first foundations for the virtualisation of the optical network infrastructure within the framework of "Customer Empowered Networks" and "Articulated Private Networks". Its aim was to virtualise the optical data plane and offer new interfaces for the provisioning of dynamic network services. As for the service plane presented, it facilitated the provisioning of on-demand connectivity services by the application, both in multi-domain environments and in multi-technology environments. This service plane, called Harmony, facilitated the deployment of new applications that consumed large amounts of data under deterministic conditions. In this sense, it allowed networks to behave as a Grid resource and thus became the first on-demand provisioning system that allowed the creation of virtual network domains composed of resources from different providers. Finally, the evolution of a service plane into a global architecture is presented, which consolidates the work carried out on infrastructure convergence (optical + IT) and improves the capabilities of the upper layers. This architecture facilitated the full integration of the optical network infrastructure into the cloud environment. In this sense, these results evolved towards the current trends of SDN and NFV. In summary, the work presented focuses on the provisioning of virtual infrastructures from the point of view of optical network architectures and IT infrastructures, together with the design and definition of new advanced network services, such as the dynamic re-planning service.

    Contributions to routing scalability and QoS assurance in cloud data transport networks based on the recursive internetwork architecture

    With an increasing number of devices and heterogeneous distributed applications, it is becoming evident that the service delivered by the current Internet falls short of supplying the actual Quality of Service (QoS) requirements of applications. In addition, the global scope of the IP layer causes large scalability problems on the network. Multiple solutions aim to overcome the limitations of the model (BGP, NAT, etc.), but all end up being constrained by the same networking model that they try to improve, ending up simply breaking and patching the TCP/IP stack itself. In contrast, RINA proposes a new clean-slate Internet architecture based on a recursive networking stack with a focus on inter-process communication, where each layer, or DIF, performs the same set of tasks. DIFs are fully configurable by means of programmable policies, and provide complete support for QoS services. RINA is capable of providing a standardized way to express the capabilities of each layer, the QoS Cubes. With those, RINA allows applications and upper processes to express their requirements in terms of latency, losses, etc. The contributions in this thesis take advantage of the recursive stack of RINA and the use of policies to propose and analyse old and new solutions which would not be compatible with the current TCP/IP Internet. To improve QoS services, this work takes advantage of the information on requirements provided by the applications themselves to improve the assurance of QoS. With the use of △Q-based scheduling policies, improved QoS assurances are provided, aiming to provide "good enough" service for all flows in the network, resulting in a more appropriate sharing of resources. These policies have been tested in backbone-like networks, showing interesting improvements with respect to commonly used solutions like MPLS-based VPNs. In addition, the provisioning of QoS services to end-users is also considered. In order to allow that, it is required to impose some limits on what end-users can send to the network, limiting the amount of priority traffic that potentially greedy users can send. In that regard, while enforcing strict rate-limits per QoS would be trivial in RINA, a new △Q-based rate-limiting policy that aims to limit the amount of priority traffic in a more user-friendly way is also explored. In terms of scalability, this work also considers different measures to improve forwarding and routing within large-scale networks. As for the use of policies that could profit from specific network topologies, a new forwarding policy that mixes both topological rules and exceptions is proposed. With this policy, forwarding table lookups in large tables are replaced with fast and simple forwarding rules based on the location of nodes and their neighbourhood. Given the common topologies used in large data centres, the proposed policy is found to be a perfect match for those scenarios. Tests for different data centre topologies showed clear improvements, requiring only a small fraction of all forwarding information despite the large size of such networks, with that fraction depending on the number of concurrent failures in the network rather than on its size. In addition, this work also considers the use of topological routing policies to populate exceptions upon failures. The use of topological routing solutions resulted in reduced complexity for computing paths and fewer routing messages. In addition to topological solutions, the use of other routing solutions not well suited for the IP environment is also investigated. Specifically, it is shown how a Landmark routing solution could be implemented within RINA. Finally, efforts are also devoted to analysing the importance of path selection for ensuring QoS requirements and how it is not required to reach extreme solutions, like the use of connections, to provide the required services.
    With an ever-increasing number of devices and distributed applications, it is becoming evident that the best-effort service offered by the current TCP/IP Internet does not satisfy the quality of service (QoS) requirements of applications. Not only that, but the global scope of the IP layer becomes the cause of large scalability problems, requiring ever higher costs to be solved. Since the introduction of TCP/IP, multiple solutions have appeared that aim to overcome the limitations of the model (BGP, NAT, LISP, etc.). Even so, all these solutions end up constrained by the very network model they try to improve. Given this, most solutions end up simply breaking and patching the TCP/IP stack itself. With the aim of solving these problems, the Recursive InterNetwork Architecture (RINA) proposes a new Internet architecture that returns to the roots of network communication. Instead of patching the current TCP/IP stack, RINA proposes a recursive network stack focused on inter-process communication, where each layer, called a Distributed IPC Facility (DIF), performs the same set of tasks. While performing the same tasks, RINA's DIFs are fully configurable by means of programmable policies, definitions of how to carry out such tasks. In addition, RINA provides full support for QoS services by means of QoS Cubes, or QoS classes that define the capabilities of each DIF. Using QoS Cubes, RINA is able to provide a standardised way of expressing the capabilities of each layer. Moreover, given that information, RINA also allows applications and upper-layer processes to express their QoS requirements in terms of accepted latency, losses, average usage, etc. The contributions in this thesis take advantage of RINA's recursive stack and the use of policies to propose and analyse solutions, old and new, for QoS and scalability, which would not be compatible with the current TCP/IP Internet. In terms of improving QoS services, the work in this thesis exploits the information on flow requirements, provided by the applications themselves, to improve the QoS guarantees provided by the network. It proposes the use of △Q-based policies, providing improved QoS guarantees that better match the requirements of the flows. Unlike simpler QoS differentiation solutions, where QoS services are provided in order of priority, △Q aims to provide a "good enough" service for all flows in the network, resulting in a more appropriate sharing of resources. In this work, these policies have been tested in backbone-type networks, showing interesting improvements with respect to common QoS differentiation solutions such as MPLS-based VPNs. In addition to the use of △Q policies in the network core, this thesis also considers the provision of QoS services to end users, that being the ultimate goal of networks. To allow this, it is necessary to impose some limits on what end users can send to the network, in order to limit the amount of priority traffic that greedy users can send. In that sense, although enforcing strict per-QoS rate limits would be trivial in RINA, a new △Q-based rate-limiting policy is also explored that aims to limit the amount of priority traffic in a way that is more beneficial to users. In terms of scalability, this thesis also considers different measures to improve forwarding and routing within large-scale networks. First, regarding the use of policies that can benefit from specific network topologies, a new forwarding policy is proposed that combines topological rules, that is, decisions based on the location of nodes, and exceptions, that is, entries that override rules in case of failure. With this policy, costly lookups in large tables are replaced with fast and simple rules based on the location of nodes and their neighbourhood. Given the specific topologies most commonly used in large data centres today, the use of the proposed policy is found to be a perfect match for those scenarios. Tests on several common data centre topologies showed clear improvements, requiring only a small fraction of all the information about the network despite the large size of such networks, with that fraction depending on the number of concurrent failures in the network rather than on its size. Furthermore, this thesis also considers the use of topological routing policies to populate such exceptions in case of failures. The use of topological routing solutions resulted in reduced complexity in path computation, together with fewer routing messages. In addition to topological solutions, the use of another routing solution, not suited to the IP environment, is also investigated. Specifically, it is shown how a Landmark routing solution, a routing solution from the compact routing family, could be implemented within RINA. Finally, efforts are also devoted to analysing the importance of path selection for guaranteeing QoS requirements and how it is not necessary to resort to extreme solutions, such as the use of connections, to provide the required services.

    Advanced SDN-Based QoS and Security Solutions for Heterogeneous Networks

    This thesis studies how SDN can be employed to support Quality of Service and how the support of this functionality is fundamental for today's networks. Considering not only present networks but also next-generation ones, the importance of the SDN paradigm becomes manifest, as does the use of satellite networks, which can be useful considering their broadcasting capabilities. For these reasons, this research focuses its attention on satellite-terrestrial networks and in particular on the use of SDN inside this environment. An important fact to be taken into account is that the growth of information technologies has paved the way for new possible threats. This research also tries to cover this problem by considering how SDN can be employed for the detection of past and future malware inside networks.