4973459
doi
10.1145/3411505.3418439
oai:zenodo.org:4973459
user-eu
Guido Marchetto
Politecnico di Torino
Riccardo Sisto
Politecnico di Torino
Fulvio Valenza
Politecnico di Torino
Short Paper: Automatic Configuration for an Optimal Channel Protection in Virtualized Networks
Daniele Bringhent
Politecnico di Torino
info:eu-repo/semantics/openAccess
Creative Commons Attribution 4.0 International
https://creativecommons.org/licenses/by/4.0/legalcode
channel protection
network security optimization
network functions virtualization
automation
<p>Data confidentiality, integrity and authentication are security properties which are often enforced with the generation of secure channels, such as Virtual Private Networks, over unreliable network infrastructures. Traditionally, the configuration of the systems responsible of encryption operations is performed manually. However, the advent of software-based paradigms, such as Software-Defined Networking and Network Functions Virtualization, has introduced new arms races. In particular, even though network management has become more flexible, the increased complexity of virtual networks is making manual operations unfeasible and leading to errors which open the path to a large number of cyber attacks. A possible solution consists in reaching a trade-off between flexibility and complexity, by automatizing the configuration of the channel protection systems through policy refinement. In view of these considerations, this paper proposes a preliminary study for an innovative methodology to automatically allocate and configure channel protection systems in virtualized networks. The proposed approach would be based on the formulation of a MaxSMT problem and it would be the first to combine automation, formal verification and optimality in a single technique.</p>
Zenodo
2020-11-13
info:eu-repo/semantics/conferencePaper
4973458
user-eu
award_title=AddreSsing ThReats for virtualIseD services; award_number=786922; award_identifiers_scheme=url; award_identifiers_identifier=https://cordis.europa.eu/projects/786922; funder_id=00k4n6c32; funder_name=European Commission;
award_title=Cyber Security Network of Competence Centres for Europe; award_number=830929; award_identifiers_scheme=url; award_identifiers_identifier=https://cordis.europa.eu/projects/830929; funder_id=00k4n6c32; funder_name=European Commission;
1623980896.634025
554901
md5:1dfa68ad4d66ae4d5be3e7192966e2a5
https://zenodo.org/records/4973459/files/Bringhenti2020_CCS.pdf
public