Journal article Open Access

Secure Virtual Network Embedding in a Multi-Cloud Environment

Alaluna, Max; Ferrolho, Luís; Neves, Nuno; Ramos, Fernando M.V.; Figueira, José Rui

Recently-proposed virtualization platforms give Cloud users the freedom to specify their network topologies and addressing schemes. These platforms have, however, been targeting a single datacenter of a cloud provider, which is insufficient to support (critical) applications that need to be deployed across multiple trust domains while enforcing diverse security requirements. This paper addresses this problem by presenting a novel solution for a central component of network virtualization –the online network embedding, which finds efficient mappings of virtual networks requests onto the substrate network. Our solution considers security as a first class citizen, enabling the definition of flexible policies in three central areas: on the communications, where alternative security compromises can be explored (e.g.,encryption); on the computations, supporting redundancy if necessary while capitalizing on hardware assisted trusted executions; across multiples clouds, including public and private facilities, with the associated trust levels. We formulate the solution as a Mixed Integer Linear Program (MILP), and evaluate our proposal against the most commonly used alternative. Our analysis gives insight into the trade-offs involved with the inclusion of security and trust into network virtualization, providing evidence that this notion may enhance profits under the appropriate cost models.

Files (1.1 MB)
Name Size
1703.01313.pdf
md5:fb9eaf4dccf05c21cc09ebffe82947d3
1.1 MB Download
8
4
views
downloads
All versions This version
Views 88
Downloads 44
Data volume 4.5 MB4.5 MB
Unique views 77
Unique downloads 44

Share

Cite as