A pattern-based framework for the design of secure and dependable SDN/NFV-enabled networks

As the world becomes an interconnected network where objects and humans interact, cyber and physical networks appear to play an important role in smart ecosystems due to their increasing use on critical infrastructure and smart cities. Software Defined Networking (SDN) and Network Function Virtualisation (NFV) are a promising combination for programmable connectivity, rapid service provisioning and service chaining as they offer the necessary end-to-end optimisations. However, with the actual exponential growth of connected devices, future networks, such as SDN and NFV, require open architectures, facilitated by standards and a strong ecosystem.In this thesis, a model-based approach is proposed to support the design and verification of secure and dependable SDN/NFV-enabled networks. The model is based on the development of a pattern-based approach to design executable patterns as solutions for reusable designs and interactions of objects, encoded in a rule based reasoning system, able to guarantee security and dependability (S&D) properties in SDN/NFV enabled networks. To execute S&D patterns, a pattern based framework is implemented for the insertion of patterns at design and at runtime level. The developed pattern framework highlights also the benefit of leveraging the flexibility of SDN/NFV-enabled networks to deploy enhanced reactive security mechanisms for the protection of the industrial network via the use of service function chaining (SFC). To prove the importance of this approach and the functionality of the pattern framework, different pattern instances are implemented to guarantee S&D in network infrastructures. The developed design patterns are able to design network topologies, guarantee network properties and offer security service provisioning and chaining. Finally, in order to evaluate the developed patterns in the pattern framework, three different use cases are described, where a number of usage scenarios are deployed and evaluated experimentally

Fault Tolerance Using an SDN Pattern Framework

Software Defined Networking (SDN) and Network Function Virtualization (NFV) are a promising combination for programmable connectivity, rapid service provisioning and service chaining as they offer the necessary end-to-end optimizations. However, with the actual exponential growth of connected devices, future networks such as SDN/NFV require an open-solutions architecture, facilitated by standards and a strong ecosystem. Such networks need to support communication services that offers guarantees about fault tolerance, redundancy, resilience and security. The construction of complex networks preserving Security and Dependability (S&D) properties is necessary to avoid system vulnerabilities, which may occur in the various layers of SDN architectures. In this work, we propose a pattern framework build in an SDN controller able to import design patterns in a rule-based language in order to provide fault tolerance in SDN networks. To evaluate the importance and the functionality of this framework, fault tolerance patterns are proposed to guarantee network connectivity, detection and restoration of network traffic in SDN network infrastructures

Towards a Security, Privacy, Dependability, Interoperability Framework for the Internet of Things

A popular application of ambient intelligence systems constitutes of assisting living services on smart buildings. As intelligence is imported in embedded equipment, the system becomes able to provide smart services (e.g. control lights, airconditioning, provide energy management services etc.). IoT is the main enabler of such environments. However, the interconnection of these cyber-physical systems and the processing of personal data raise serious security and privacy issues. In this paper we present a framework that can guarantee Security, Privacy, Dependability and Interoperability (SPDI) in IoT. Taking advantage of the underlying IoT deployment, the proposed framework not only implements the requested smart functionality but also provide modelling and administration that can guarantee those SPDI properties. Moreover, we provide an application example of the framework in a smart building scenario

Threat Landscape and Good Practice Guide for Software Defined Networks/5G

5G represents the next major phase of mobile telecommunication systems and network architectures beyond the current 4G standards, aiming at extreme broadband and ultra-robust, low latency connectivity, to enable the programmable connectivity for the Internet of Everything2. Despite the significant debate on the technical specifications and the technological maturity of 5G, which are under discussion in various fora3, 5G is expected to affect positively and significantly several industry sectors ranging from ICT to industry sectors such as car and other manufacturing, health and agriculture in the period up to and beyond 2020. 5G will be driven by the influence of software on network functions, known as Software Defined Networking (SDN) and Network Function Virtualization (NFV). The key concept that underpins SDN is the logical centralization of network control functions by decoupling the control and packet forwarding functionality of the network. NFV complements this vision through the virtualization of these functionalities based on recent advances in general server and enterprise IT virtualization. Considering the technological maturity of the technologies that 5G can leverage on, SDN is the one that is moving faster from development to production. To realize the business potential of SDN/5G, a number of technical issues related to the design and operation of Software Defined Networks need to be addressed. Amongst them, SDN/5G security is one of the key issues, that needs to be addressed comprehensively in order to avoid missing the business opportunities arising from SDN/5G. In this report, we review threats and potential compromises related to the security of SDN/5G networks. More specifically, this report contains a review of the emerging threat landscape of 5G networks with particular focus on Software Defined Networking. It also considers security of NFV and radio network access. To provide a comprehensive account of the emerging threat SDN/5G landscape, this report has identified related network assets and the security threats, challenges and risks arising for these assets. Driven by the identified threats and risks, this report has also reviewed and identified existing security mechanisms and good practices for SDN/5G/NFV, and based on these it has analysed gaps and provided technical, policy and organizational recommendations for proactively enhancing the security of SDN/5G

A Reactive Security Framework for Operational Wind Parks Using Service Function Chaining

The innovative application of 5G core technologies, namely Software Defined Networking (SDN) and Network Function Virtualization (NFV), can help reduce capital and operational expenditures in industrial networks. Nevertheless, SDN expands the attack surface of the communication infrastructure, thus necessitating the introduction of additional security mechanisms. A wind park is a good example of an industrial application relying on a network with strict performance, security, and reliability requirements, and was chosen as a representative example of industrial systems. This work highlights the benefit of leveraging the flexibility of SDN/NFV-enabled networks to deploy enhanced, reactive security mechanisms for the protection of the industrial network, via the use of Service Function Chaining. Moreover, a proof of concept implementation of the reactive security framework for an industrial-grade wind park network is presented. The framework is equipped with SDN and SCADA honeypots, modelled on (and deployable to) an actual, operating wind park, allowing continuous monitoring of the industrial network and detailed analysis of potential attacks, thus isolating attackers and enabling the assessment of their level of sophistication

Relation between outcomes and localisation of p-mTOR expression in gastric cancer

The mammalian target of rapamycin (mTOR), a Ser/Thr protein kinase that mediates intracellular signalling related to cell growth, proliferation, and differentiation, has received considerable interest as a possible target for cancer treatment. We evaluated the correlation of mTOR expression with clinicopathological features, outcomes, and the expression of Akt, an upstream regulator of mTOR, in gastric cancer. Tumour samples were obtained from 109 patients with gastric adenocarcinomas who underwent a radical gastrectomy. The expressions of phosphorylated mTOR (p-mTOR) and phosphorylated Akt (p-Akt) in the cytoplasm and in the nucleus were analysed by immunohistochemical staining. Cytoplasmic p-mTOR expression positively correlated with the depth of tumour invasion (T1 vs T2–4, P=0.003), involved lymph nodes (P=0.010), and tumour stage (I vs II–IV, P=0.002). In contrast, nuclear p-mTOR expression negatively correlated with these variables (P<0.001,=0.035, and <0.001). Cytoplasmic p-mTOR expression was associated with significantly poorer relapse-free survival (RFS, P=0.037) and overall survival (OS, P=0.024), whereas nuclear p-mTOR expression was associated with better RFS and OS (P=0.029, 0.059). Neither cytoplasmic nor nuclear p-Akt expression was associated with any clinicopathological factor or with survival. Localisation of p-mTOR may play an important role in tumour progression and outcomes in patients with gastric cancer

mTOR Is Essential for the Proteotoxic Stress Response, HSF1 Activation and Heat Shock Protein Synthesis

The target of rapamycin (TOR) is a high molecular weight protein kinase that regulates many processes in cells in response to mitogens and variations in nutrient availability. Here we have shown that mTOR in human tissue culture cells plays a key role in responses to proteotoxic stress and that reduction in mTOR levels by RNA interference leads to increase sensitivity to heat shock. This effect was accompanied by a drastic reduction in ability to synthesize heat shock proteins (HSP), including Hsp70, Hsp90 and Hsp110. As HSP transcription is regulated by heat shock transcription factor 1 (HSF1), we examined whether mTOR could directly phosphorylate this factor. Indeed, we determined that mTOR could directly phosphorylate HSF1 on serine 326, a key residue in transcriptional activation. HSF1 was phosphorylated on S326 immediately after heat shock and was triggered by other cell stressors including proteasome inhibitors and sodium arsenite. Null mutation of S326 to alanine led to loss of ability to activate an HSF1-regulated promoter-reporter construct, indicating a direct role for mTOR and S326 in transcriptional regulation of HSP genes during stress. As mTOR is known to exist in at least two intracellular complexes, mTORC1 and mTOR2 we examined which complex might interact with HSF1. Indeed mTORC1 inhibitor rapamycin prevented HSF1-S326 phosphorylation, suggesting that this complex is involved in HSF1 regulation in stress. Our experiments therefore suggest a key role for mTORC1 in transcriptional responses to proteotoxic stress

mTOR signaling: implications for cancer and anticancer therapy

Mounting evidence links deregulated protein synthesis to tumorigenesis via the translation initiation factor complex eIF4F. Components of this complex are often overexpressed in a large number of cancers and promote malignant transformation in experimental systems. mTOR affects the activity of the eIF4F complex by phosphorylating repressors of the eIF4F complex, the eIF4E binding proteins. The immunosuppressant rapamycin specifically inhibits mTOR activity and retards cancer growth. Importantly, mutations in upstream negative regulators of mTOR cause hamartomas, haemangiomas, and cancers that are sensitive to rapamycin treatment. Such mutations lead to increased eIF4F formation and consequently to enhanced translation initiation and cell growth. Thus, inhibition of translation initiation through targeting the mTOR-signalling pathway is emerging as a promising therapeutic option

Epigenetic Activation of a Subset of mRNAs by eIF4E Explains Its Effects on Cell Proliferation

BACKGROUND: Translation deregulation is an important mechanism that causes aberrant cell growth, proliferation and survival. eIF4E, the mRNA 5′ cap-binding protein, plays a major role in translational control. To understand how eIF4E affects cell proliferation and survival, we studied mRNA targets that are translationally responsive to eIF4E. METHODOLOGY/PRINCIPAL FINDINGS: Microarray analysis of polysomal mRNA from an eIF4E-inducible NIH 3T3 cell line was performed. Inducible expression of eIF4E resulted in increased translation of defined sets of mRNAs. Many of the mRNAs are novel targets, including those that encode large- and small-subunit ribosomal proteins and cell growth-related factors. In addition, there was augmented translation of mRNAs encoding anti-apoptotic proteins, which conferred resistance to endoplasmic reticulum-mediated apoptosis. CONCLUSIONS/SIGNIFICANCE: Our results shed new light on the mechanisms by which eIF4E prevents apoptosis and transforms cells. Downregulation of eIF4E and its downstream targets is a potential therapeutic option for the development of novel anti-cancer drugs