Abstract
Federated cloud networks are formed by federating virtual network segments from different cloud platforms into a single federated network. This allows virtual machines from one virtual network segment to communicate with virtual machines running on the other virtual network segments of the federated network. Federated cloud networks can be very useful for creating application specific isolated networks between clouds. In this paper we describe current work in the BEACON project to secure the federated network with a global security policy. Virtual network functions and service function chaining are used to implement the security policy. The federated cloud network security policy is described in a service manifest. This enables automated deployment and configuration of network security functions across the different cloud federation networks. The approach is illustrated with a simple case study where communications between trusted and untrusted clouds are encrypted.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Celesti, A., Fazio, M., Giacobbe, M., Puliafito, A., Villari, M.: Characterizing IoT cloud federation, Le Régent Congress Centre, Crans-Montana, Switzerland. IEEE Computer Society (2016)
Moreno-Vozmediano, R., et al.: BEACON: a cloud network federation framework. In: Celesti, A., Leitner, P. (eds.) ESOCC Workshops 2015. CCIS, vol. 567, pp. 325–337. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-33313-7_25
Massonet, P., Levin, A., Celesti, A., Villari, M.: Security requirements in a federated cloud networking architecture. In: Celesti, A., Leitner, P. (eds.) ESOCC Workshops 2015. CCIS, vol. 567, pp. 79–88. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-33313-7_6
Banerjee, S., Shaw, R., Sarkar, A., Debnath, N.: Towards logical level design of big data. In: IEEE 13th International Conference on Industrial Informatics (INDIN), pp. 1665–1671, July 2015
Aldrin, S., Krishnan, R., Pignataro, N.A.C., Ghanwani, A.: Service function chaining operation, administration and maintenance framework. In: IETF RFC, February 2016
L4-l7 service function chaining solution architecture. In: ONF TS-027. Version 1.0, June 2015
Gupta, A., Habib, M.F., Chowdhury, P., Tornatore, M., Mukherjee, B.: On service chaining using virtual network functions in network-enabled cloud systems. In: 2015 IEEE International Conference on Advanced Networks and Telecommuncations Systems (ANTS), pp. 1–3, December 2015
Mehraghdam, S., Karl, H.: Specification of complex structures in distributed service function chaining using a YANG data model. CoRR, abs/1503.02442 (2015)
Sahhaf, S., Tavernier, W., Czentye, J., Sonkoly, B., Sköldström, P., Jocha, D., Garay, J.: Scalable architecture for service function chain orchestration. In: 2015 Fourth European Workshop on Software Defined Networks, pp. 19–24, September 2015
Acknowledgment
This work has been supported by the BEACON project, grant agreement number 644048, funded by the European Union’s Horizon 2020 Programme under topic ICT-07-2014.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG
About this paper
Cite this paper
Massonet, P., Dupont, S., Michot, A., Levin, A., Villari, M. (2018). A Motivating Case Study for Coordinating Deployment of Security VNF in Federated Cloud Networks. In: Lazovik, A., Schulte, S. (eds) Advances in Service-Oriented and Cloud Computing. ESOCC 2016. Communications in Computer and Information Science, vol 707. Springer, Cham. https://doi.org/10.1007/978-3-319-72125-5_3
Download citation
DOI: https://doi.org/10.1007/978-3-319-72125-5_3
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-72124-8
Online ISBN: 978-3-319-72125-5
eBook Packages: Computer ScienceComputer Science (R0)