Performance benchmarking of SDN experimental platforms

There is a huge number of SDN experimental platforms available such as simulators, emulators and actual testbeds, each of them having different performance metrics. This paper presents a series of performance tests, that can be performed in each of the available platforms, in order to evaluate and rank them in various performance categories. These tests cover performance categories such as experiment setup/teardown time, resources needed in the form of CPU and RAM, as well as the fair use and fair share of those resources by the experimental platform. In addition, ping delay, response failure rate and scalability are also measured. All the performance tests presented in this paper have been implemented in Mininet emulator in order to evaluate its performance. After the data analysis, the most noticeable results are (i) response failure increases as the number of links increases, in some cases by 95%, (ii) CPU load balancing is more efficient as the number of nodes increases and (iii) initial ping delay is huge compared to average ping delay, in some cases up to 1725 times larger. Finally, performance results indicate that Mininet has several scalability issues

Exploring the firewall security consistency in cloud computing during live migration

Virtualization technology adds great opportunities and challenges to the cloud computing paradigm. Resource management can be efficiently enhanced by employing Live Virtual Machine Migration (LVMM) techniques. Based on the literature of LVMM implementation in the virtualization environment, middle-boxes such as firewalls do not work effectively after LVMM as it introduces dynamic changes in network status and traffic, which may lead to critical security vulnerabilities. One key security hole is that the security context of the firewall do not move with the Virtual Machine after LVMM is triggered. This leads to inconsistency in the firewall level of protection of the migrated Virtual Machine. There is a lack in the literature of practical studies that address this problem in cloud computing platform. This paper demonstrates a practical analysis using OpenStack testbed to study the firewalls limitations in protecting virtual machines after LVMM. Two network scenarios are used to evaluate this problem. The results show that the security context problem does not exist in the stateless firewall but can exist in the stateful firewall

Infrastructure as a service: exploring network access control challenges

Cloud Computing Infrastructure as a Service (IaaS) is a great model for outsourcing IT infrastructure. It is built to offer fascinating features to support business development, such as elasticity, multi-tenancy, configurability and dynamicity. However, IaaS faces security challenges on account of its flexible nature. For this article, we studied the IaaS characteristics and investigated their related security challenges. We then elaborated these security challenges by exploring the security threats on live virtual machine migration as it is one of the main IaaS operations. We found that proper access control techniques and models are a critical element in enhancing IaaS and mitigating the identified security threats. Therefore, we investigated and contrasted the implemented and the proposed firewall architectures in IaaS as a firewall is a basic security appliance that enforces access control. We also explored and contrasted the proposed access control models in the IaaS. It was found that the traditional firewalls and access control models were not sufficient for IaaS. Therefore, there is a need to develop a proper access control model and enforcement techniques to mitigate IaaS security threats. Based on the security research trend and the results obtained in this articles exploration, we endorse an IaaS access control system built on a computational intelligent approach

Adaptive intelligent middleware architecture for mobile real-time communications

Provision of instantaneous, mobile and dependable communications in military and safety-critical scenarios must overcome certain wireless network issues: lack of reliable existing infrastructure, immutability of mission-critical protocols and detrimental wireless dynamics with contributing factors including hidden transmitters and fading channels. Benchmarked approaches do not fully meet these challenges, due to reliance on addressing Quality of Service (QoS) at a layer-specific level rather than taking a system of systems approach. This paper presents an adaptive middleware methodology to provide timely MANET communications through predictive selection and dynamic contention reduction, without invasive protocol modification. This is done using ROAM, the proposed, novel Real-time Optimised Ad hoc Middleware based architecture. Extensive simulation results demonstrate the adaptability and scalability of the architecture as well as capability to bound maximum delay, jitter and packet loss in complex and dynamic MANETs

Performance benchmarking of SDN experimental platforms

There is a huge number of SDN experimental platforms available such as simulators, emulators and actual testbeds, each of them having different performance metrics. This paper presents a series of performance tests, that can be performed in each of the available platforms, in order to evaluate and rank them in various performance categories. These tests cover performance categories such as experiment setup/teardown time, resources needed in the form of CPU and RAM, as well as the fair use and fair share of those resources by the experimental platform. In addition, ping delay, response failure rate and scalability are also measured. All the performance tests presented in this paper have been implemented in Mininet emulator in order to evaluate its performance. After the data analysis, the most noticeable results are (i) response failure increases as the number of links increases, in some cases by 95%, (ii) CPU load balancing is more efficient as the number of nodes increases and (iii) initial ping delay is huge compared to average ping delay, in some cases up to 1725 times larger. Finally, performance results indicate that Mininet has several scalability issues

A quality of service framework for dependability in large-scale distributed systems

As recognition grows within industry for the advantages that can be gained through the exploitation of large-scale dynamic systems, a need emerges for dependable performance. Future systems are being developed with a requirement to support mission critical and safety critical applications. These levels of criticality require predictable performance and as such have traditionally not been associated with adaptive systems. The software architecture proposed for such systems takes its properties from the service-oriented computing paradigm and the communication model follows a publish/subscribe approach. While adaptive, such architectures do not, however, typically support real-time levels of performance. There is scope, however, for dependability within such architectures through the use of Quality of Service (QoS) methods. QoS is used in systems where the distribution of resources cannot be decided at design time. In this paper a QoS based framework is proposed for providing adaptive and dependable behaviour for future large-scale dynamic systems through the flexible allocation of resources. Simulation results are presented to demonstrate the benefits of the QoS framework and the tradeoffs that occur between negotiation algorithms of varying complexities

A quality of service framework for adaptive and dependable large scale system-of-systems

There is growing recognition within industry that for system growth to be sustainable, the way in which existing assets are used must be improved. Future systems are being developed with a desire for dynamic behaviour and a requirement for dependability at mission critical and safety critical levels. These levels of criticality require predictable performance and as such have traditionally not been associated with adaptive systems. The software architecture proposed for such systems is based around a publish/subscribe model, an approach that, while adaptive, does not typically support critical levels of performance. There is, however, the scope for dependability within such architectures through the use of Quality of Service (QoS) methods. QoS is used in systems where the distribution of resources cannot be decided at design time. A QoS based framework is proposed for providing adaptive and dependable behaviour for future large-scale system-of-systems. Initial simulation results are presented to demonstrate the benefits of QoS

Process and tool support for real-time performance analysis of integrated modular systems

This paper describes a real-time system performance analysis methodology and toolset that has been developed at SEIC to be an integral part of a broader BAE Systems Military Air Solutions (MAS) process and toolset for Integrated Modular Systems (IMS). The proposed modelling approach and toolset components provide some key ‘through-life’ real-time system engineering benefits relating to system performance, including : the ability to construct a performance prediction model during the early stages of system design and to independently model the timing behaviour of end-to-end transactions across a distributed system of shared processing and network resources

Cross-layer signalling and middleware: a survey for inelastic soft real-time applications in MANETs

This paper provides a review of the different cross-layer design and protocol tuning approaches that may be used to meet a growing need to support inelastic soft real-time streams in MANETs. These streams are characterised by critical timing and throughput requirements and low packet loss tolerance levels. Many cross-layer approaches exist either for provision of QoS to soft real-time streams in static wireless networks or to improve the performance of real and non-real-time transmissions in MANETs. The common ground and lessons learned from these approaches, with a view to the potential provision of much needed support to real-time applications in MANETs, is therefore discussed

Adaptive and context-aware service discovery for the Internet of Things

The Internet of Things (IoT) vision foresees a future Internet encompassing the realm of smart physical objects, which offer hosted functionality as services. The role of service discovery is crucial when providing application-level, end-to-end integration. In this paper, we propose trendy: a RESTful web services based Service Discovery protocol to tackle the challenges posed by constrained domains while offering the required interoperability. It provides a service selection technique to offer the appropriate service to the user application depending on the available context information of user and services. Furthermore, it employs a demand-based adaptive timer and caching mechanism to reduce the communication overhead and to decrease the service invocation delay. trendy’s grouping technique creates location-based teams of nodes to offer service composition. Our simulation results show that the employed techniques reduce the control packet overhead, service invocation delay and energy consumption. In addition, the grouping technique provides the foundation for group-based service mash-ups and localises control traffic to improve scalability