دانلود رایگان مقاله به سوی یک مجازی سازی شبکه ایمن

Abstract

Network virtualization promises to fulfill the demand for an agile Internet that is friendly to technological innovation. In the past, tremendous efforts have been dedicated to studying the fundamental problem in network virtualization, namely Virtual Network Embedding (VNE). However, until recently, very limited work has addressed the security issues and implications of VNE or network virtualization as a whole, despite their importance. On one hand, the literature lacks a systematic overview of security issues in network virtualization (e.g., which can be VNE-relevant or VNE-irrelevant). On the other hand, existing studies on security-aware VNE share common limitations. This paper aims to present a timely study to fill the above needs with the following contributions: First, we present a classified comprehensive overview of security issues that arise in the context of network virtualization based on multiple criteria. Second, based on the review of existing approaches in Security-aware Virtual Network Embedding (SVNE), a novel framework is presented to address VNE-relevant security issues in network virtualization. Third, our extensive evaluation uncovers a few important implications and shows that the proposed framework can address the SVNE problem with reduced time (compared to that of the regular VNE approach).

7. Conclusion and future work

This work has presented a classified overview on security issues in network virtualization based on four criteria: layer, security goal, granularity, and VNE-relevance. To address the VNE-relevant security issues, we have designed security plans to be incorporated into the resulting SVNE problem, which is further addressed with a framework employing preprocessing and mathematical models. Our overall solution adopts an open design principle and supports flexible security level customization. Likewise, we have discussed the possible solutions to other security issues that may not be directly addressed in the VNE process. In the future, we plan to develop a pricing model to ensure both the revenue increase of the InPs (to amortize the investment on security components) and obscurity level of the mapping results.