Abstract
Network functions virtualization (NFV) emerges as a promising network architecture that separates network functions from proprietary devices. NFV lowers the cost of hardware components and enables fast and flexible deployment of network services. Despite these advantages, NFV introduces new security challenges. Currently, there is little research on a holistic framework to solve these security issues. In this paper, we propose a security service orchestration framework that can construct a cooperative working mechanism for NFV security. We present the demand analysis and describe the system design principles and implementation details. We propose a lightweight holistic architecture design of the security service orchestration system to solve current security issues. The system’s effectiveness is also shown based on technical review.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
AT&T Embraces Network Functions Virtualization and May Open Source its NFV Platform. http://alturl.com/mzsyy
AT&T FlexWare. http://alturl.com/2c6ev
Network Function Virtualization (NFV) Market. http://alturl.com/xps2u
Openstack : Security Vulnerabilities. https://www.cvedetails.com/vulnerability-list/vendor_id-11727/Openstack.html
Basile, C., Lioy, A., Pitscheider, C., Valenza, F., Vallini, M.: A novel approach for integrating security policy enforcement with dynamic network virtualization. In: Proceedings of the 2015 1st IEEE Conference on Network Softwarization (NetSoft), pp. 1–5. IEEE (2015)
Basile, C., Valenza, F., Lioy, A., Lopez, D.R., Perales, A.P.: Adding support for automatic enforcement of security policies in NFV networks. IEEE/ACM Trans. Netw. 27(2), 707–720 (2019)
Basta, A., Kellerer, W., Hoffmann, M., Morper, H.J., Hoffmann, K.: Applying NFV and SDN to LTE mobile core gateways, the functions placement problem. In: Proceedings of the 4th Workshop on All Things Cellular: Operations, Applications, and Challenges, pp. 33–38 (2014)
Farris, I., Taleb, T., Khettab, Y., Song, J.: A survey on emerging SDN and NFV security mechanisms for IoT systems. IEEE Commun. Surv. Tutor. 21(1), 812–837 (2018)
Firoozjaei, M.D., Jeong, J.P., Ko, H., Kim, H.: Security challenges with network functions virtualization. Future Gener. Comput. Syst. 67, 315–324 (2017)
Gong, W., et al.: Fast and adaptive continuous scanning in large-scale RFID systems. IEEE/ACM Trans. Netw. 24(6), 3314–3325 (2016)
Hawilo, H., Shami, A., Mirahmadi, M., Asal, R.: NFV: state of the art, challenges, and implementation in next generation mobile networks (vEPC). IEEE Netw. 28(6), 18–26 (2014)
Liu, H., Gong, W., Miao, X., Liu, K., He, W.: Towards adaptive continuous scanning in large-scale RFID systems. In: IEEE INFOCOM 2014-IEEE Conference on Computer Communications, pp. 486–494. IEEE (2014)
Marchetto, G., Sisto, R., Valenza, F., Yusupov, J.: A framework for verification-oriented user-friendly network function modeling. IEEE Access 7, 99349–99359 (2019)
Naudts, B., Flores, M., Mijumbi, R., Verbrugge, S., Serrat, J., Colle, D.: A dynamic pricing algorithm for a network of virtual resources. Int. J. Netw. Manag. 27(2), e1960 (2017)
Ordonez-Lucena, J., Ameigeiras, P., Lopez, D., Ramos-Munoz, J.J., Lorca, J., Folgueira, J.: Network slicing for 5G with SDN/NFV: concepts, architectures, and challenges. IEEE Commun. Mag. 55(5), 80–87 (2017)
Palkar, S., et al.: E2: a framework for NFV applications. In: Proceedings of the 25th Symposium on Operating Systems Principles, pp. 121–136 (2015)
Pedone, I., Lioy, A., Valenza, F.: Towards an efficient management and orchestration framework for virtual network security functions. Secur. Commun. Netw. 2019 (2019)
Reynaud, F., Aguessy, F.X., Bettan, O., Bouet, M., Conan, V.: Attacks against network functions virtualization and software-defined networking: state-of-the-art. In: 2016 IEEE NetSoft Conference and Workshops (NetSoft), pp. 471–476. IEEE (2016)
Stallings, W.: Foundations of Modern Networking: SDN, NFV, QoE, IoT, and Cloud. Addison-Wesley Professional, Boston (2015)
Yang, W., Fung, C.: A survey on security in network functions virtualization. In: 2016 IEEE NetSoft Conference and Workshops (NetSoft), pp. 15–19. IEEE (2016)
Zhao, Y., Li, J., Miao, X., Ding, X.: Urban crowd flow forecasting based on cellular network. In: Proceedings of the ACM Turing Celebration Conference-China, pp. 1–5 (2019)
Acknowledgement
This research is supported by the Science and Technology Projects of State Grid Jiangsu Electric Power Co., Ltd. (J2019123), NSFC Project No. 61772358 and NSFC Project No. 61572347.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Song, H., Wu, Q., Chen, Y., Dong, M., Wang, R. (2020). Design of a Security Service Orchestration Framework for NFV. In: Liu, J., Gao, H., Yin, Y., Bi, Z. (eds) Mobile Computing, Applications, and Services. MobiCASE 2020. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 341. Springer, Cham. https://doi.org/10.1007/978-3-030-64214-3_3
Download citation
DOI: https://doi.org/10.1007/978-3-030-64214-3_3
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-64213-6
Online ISBN: 978-3-030-64214-3
eBook Packages: Computer ScienceComputer Science (R0)