Skip to main content
SpringerLink
Log in

Policy-Based Management for Federation of Virtualized Infrastructures

  • Published:
Journal of Network and Systems Management Aims and scope Submit manuscript

Abstract

This paper presents Policy-based Federation (PBF) architecture for interworked Future Internet Virtualized Infrastructures (VIs). Each VI is an individually managed autonomous domain. Users may request slices of virtual resources across the federation, managed and controlled via inter-domain policies that abide by agreed upon federated SLAs. The key component of our PBF architecture is a Policy Service, which provides support for intra-domain policies (Obligation, Authorization, Role-Based Access Control) and for inter-domain Delegation policies. Delegation policies reserve resources in remote domains, update the number of resources exchanged, set alien domain obligations for cross-domain resource provisioning and define the exchange of internal domain information through the execution of remote semantic queries. Key to the architecture is the PBF Policy Ontology that specifies common federation concepts within the context of a user slice and the PBF services that trigger management actions. A prototype of the proposed architecture was developed and deployed in a European Future Internet federated testbed.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9

Similar content being viewed by others

Notes

  1. NOVI, http://www.fp7-novi.eu.

  2. PlanetLab, http://planet-lab.org.

  3. GENI, http://www.geni.net.

  4. SAVI, http://www.savinetwork.ca.

  5. FEDERICA. http://www.fp7-federica.eu.

  6. FIRE, http://wiki.ict-fire.eu.

  7. Fed4FIRE, http://www.fed4fire.eu.

  8. SFA, http://svn.planetlab.org/wiki/SFAGuide.

  9. PlanetLab, http://planet-lab.org.

  10. CIM, http://www.dmtf.org/standards/cim.

  11. DMTF, http://www.dmtf.org.

  12. Ponder2, http://ponder2.net.

  13. XACML, http://docs.oasis-open.org/xacml/3.0/xacml-3.0-core-spec-os-en.html.

  14. http://www.w3.org/TR/2012/REC-owl2-overview-20121211/.

  15. https://git.man.poznan.pl/gitroot/novi-public.git/tree/.

  16. https://www.assembla.com/spaces/pbf-cell/git/source.

  17. http://www.osgi.org/Technology/WhatIsOSGi.

  18. http://www.martinfowler.com/articles/continuousIntegration.html.

  19. http://servicemix.apache.org/.

  20. http://activemq.apache.org/.

  21. http://aries.apache.org/modules/blueprint.html.

  22. http://twicom.com/doc/com/twicom/qdparser/QDParser.html.

  23. http://apice.unibo.it/xwiki/bin/view/Tuprolog/.

  24. https://docs.oracle.com/javase/tutorial/rmi/.

References

  1. Maglaris, V., Papagianni, C., Androulidakis, G., Grammatikou, M., Grosso, P., Van Der Ham, J., De Laat, C., Pietrzak, B., Belter, B., Steger, J., Laki, S., Campanella, M., Sallent, S.: Toward a holistic federated future internet experimentation environment: the experience of NOVI research and experimentation. IEEE Commun. Mag. 53(7), 136–144 (2015)

    Article  Google Scholar 

  2. van der Ham, J., Stéger, J., Laki, S., Kryftis, Y., Maglaris, V., de Laat, C.: The NOVI information models. Future Gener. Comput. Syst. 42, 64–73 (2015)

    Article  Google Scholar 

  3. Peterson, L., Anderson, T., Culler, D., Roscoe, T.: A blueprint for introducing disruptive technology into the internet. ACM SIGCOMM Comput. Commun. Rev. 33, 59–64 (2003)

    Article  Google Scholar 

  4. Szegedi, P., Figuerola, S., Campanella, M., Maglaris, V., Cervelló-Pastor, C.: With evolution for revolution: managing FEDERICA for future internet research. IEEE Commun. Mag. 47(7), 34–39 (2009)

    Article  Google Scholar 

  5. Grasa, E., Junyent, G., Figuerola, S., Lopez, A., Savoie, M.: UCLPv2: a network virtualization framework built on web services [web services in telecommunications, part II]. IEEE Commun. Mag. 46(3), 126–134 (2008)

    Article  Google Scholar 

  6. Peterson, L., Ricci, R., Falk A., Chase, J.: Slice-based federation architecture. GENI Technical Document http://groups.geni.net/geni/raw-attachment/wiki/SliceFedArch/SFA2.0.pdf. July 2010

  7. Bhatia, S., Bavier, A., Peterson, L., Sevinc, S.: sfatables: a Firewall-like policy engine for federated systems. In: IEEE Distributed computing systems (ICDCS), pp. 467–476 (2011)

  8. Strassner, J.: Policy-based network management: solutions for the next generation. Morgan Kaufmann (2003)

  9. Sloman, M.: Policy driven management for distributed systems. J. Netw. Syst. Manag. 2(4), 333–360 (1994)

    Article  Google Scholar 

  10. Alaettinoglu, C., Villamizar, C., Gerich, E., Kessens, D., Meyer, D., Bates, T., Karrenberg, D., Terpstra, M.: Routing policy specification language (RPSL). RFC 2622 (1999)

  11. Boyle, J., Cohen, R., Herzog, S., Rajan, R., Sastry, A., Durham, D.: The COPS (Common Open Policy Service) Protocol. RFC 2748 (2000)

  12. Romeikat, R.: Domain-specific development of event condition action policies. Logos Verlag Berlin GmbH (2014)

  13. Strassner, J.: DEN-ng: achieving business-driven network management. In: Network operations and management symposium—IEEE NOMS, pp. 753–766 (2002)

  14. Strassner, J., Van Der Meer, S., Jennings, B., De Leon, M.P.: An autonomic architecture to manage ubiquitous computing networks and applications. In: Ubiquitous and Future Networks—ICUFN, pp.116–121 (2009)

  15. Damianou, N., Dulay, N., Lupu, E., Sloman, M.: The ponder policy specification language. In: Lecture notes on computer science, pp. 18–38 (2001)

  16. Twidle, K., Dulay, N., Lupu, E., Sloman, M.: Ponder2: a policy system for autonomous pervasive environments. In: IEEE autonomic and autonomous systems, pp. 330–335 (2009)

  17. Davy, S., Jennings, B., Strassner, J.: The policy continuum-policy authoring and conflict analysis. Comput. Commun. 31(13), 2981–2995 (2008)

    Article  Google Scholar 

  18. Kagal, L., Finin, T., Joshi, A.: A policy based approach to security for the semantic web. Int. Semant. Web Conf. 2870, 402–418 (2003)

    Google Scholar 

  19. Uszok, A., Bradshaw, J.M., Johnson, M., Jeffers, R., Tate, A., Dalton, J., Aitken, S.: KAoS policy management for semantic web services. IEEE Intell. Syst. 19(4), 32–41 (2004)

    Article  Google Scholar 

  20. Han, W., Lei, C.: A survey on policy languages in network and security management. Comput. Netw. 56(1), 477–489 (2012)

    Article  Google Scholar 

  21. Xu, M., Wijesekera, D., Zhang, X.: Runtime administration of an RBAC profile for XACML. IEEE Trans. Serv. Comput. 4(4), 286–299 (2011)

    Article  Google Scholar 

  22. Batista, B.L., Fernandez, M.P.: PonderFlow: a new policy specification language to SDN OpenFlow-based networks. Int. J. Adv. Netw. Serv. 7(3 and 4), 163–172 (2014)

    Google Scholar 

  23. Giotis, K., Kryftis, Y., Maglaris, V.: Policy-based orchestration of NFV services in software defined networks. In: IEEE Network Softwarization (NetSoft), pp. 1–5 (2015)

  24. Ata, S., Huang, D., Liu, X., Wada, A., Xing, T., Juluri, P., Chung, C.-J., Sato, Y., Medhi, D.: SeRViTR: a framework, implementation, and a testbed for a trustworthy future internet. Comput. Netw. 61, 128–146 (2014)

    Article  Google Scholar 

  25. Van der Ham, J., Grosso, P., Van der Pol, R., Toonk, A., De Laat, C.: Using the network description language in optical networks. In: IEEE integrated network management, pp. 199–205 (2007)

  26. Van der Ham, J., Papagianni, C., Steger, J., Matray, P., Kryftis, Y., Grosso, P., Lymberopoulos, L.: Challenges of an information model for federating virtualized infrastructures. In: IEEE systems and virtualization management, pp. 1–6 (2011)

  27. Lymberopoulos, L., Grosso, P., Papagianni, C., Kalogeras, D., Androulidakis, G., Van Der Ham, J., De Laat, C., Maglaris, V.: Managing federations of virtualized infrastructures: a semantic-aware policy based approach. In: IEEE integrated network management, pp. 1235–1242 (2011)

  28. Sloman, M., Lupu, E.: Engineering policy-based ubiquitous systems. Comput. J. 53(7), 1113–1127 (2010)

    Article  Google Scholar 

  29. Lupu, E., Dulay, N., Sloman, M., Sventek, J., Heeps, S., Strowes, S., Twidle, K., Keoh, S.-L., Schaeffer-Filho, A.: AMUSE: autonomic management of ubiquitous e-health systems. Concurr. Comput. Pract. Exp. 20(3), 277–295 (2008)

    Article  Google Scholar 

  30. Wibisono, A., Koning, R., Grosso, P., Belloum, A., Bubak, M., De Laat, C.: OIntEd: online ontology instance editor enabling a new approach to ontology development. J. Softw. Pract. Exp. 43, 1319–1335 (2013)

    Article  Google Scholar 

  31. Chappell, D.: Enterprise service bus. O’Reilly Media, Inc. (2004)

  32. Pashalidis, A., Mitchell, C.J.: A taxonomy of single sign-on systems. Inf. Secur. Priv. 2727, 249–264 (2003)

    Article  MATH  Google Scholar 

  33. Stéger, J., Laki, S., Mátray, P.: A monitoring framework for federated virtualized infrastructures. Meas. Methodol. Tools 7586, 175–194 (2013)

    Article  Google Scholar 

  34. Chowdhury, N.M., Rahman, M.R., Boutaba, R.: Virtual network embedding with coordinated node and link mapping. In: IEEE INFOCOM, pp. 783–791 (2009)

  35. Papagianni, C., Leivadeas, A., Papavassiliou, S., Maglaris, V., Cervello-Pastor, C., Monje, A.: On the optimal allocation of virtual resources in cloud computing networks. IEEE Trans. Comput. 62(6), 1060–1071 (2013)

    Article  MathSciNet  Google Scholar 

  36. Bell, D.: UML basics: an introduction to the unified modeling language. The Rational Edge (2003)

  37. Pérez, J., Arenas, M., Gutierrez, C.: Semantics and complexity of SPARQL. Int. Semant. Web Conf. 4237, 30–43 (2006)

    Google Scholar 

  38. Pittaras, C., Papagianni, C., Leivadeas, A., Grosso, P., van der Ham, J., Papavassiliou, S.: Resource discovery and allocation for federated virtualized infrastructures. Future Gener. Comput. Syst. 42, 55–63 (2015)

    Article  Google Scholar 

Download references

Acknowledgments

This work was partially supported by the European Commission, 7th Framework Programme for Research and Technological Development, Future Internet Research and Experimentation (FIRE), Grant No. 257867—NOVI.

The authors wish to thank their NOVI collaborators that greatly contributed to this work with their ideas and support. Notably we appreciated the help of: Dr. Leonidas Lymberopoulos (now with EXUS, Athens, Greece) and Dr. Chrysa Papagianni (NTUA); Dr. Paola Grosso, Dr. Jeroen van der Ham, Chariklis Pittaras and Prof. Cees de Laat (University of Amsterdam); Bartosz Belter, Pietrzak Błażej and Piotr Pikusa (Poznań Supercomputing and Networking Center—PSNC); Dr. József Stéger, Laki Sándor and Prof. Gábor Vattay (Eötvös Loránd University—ELTE, Budapest); Dr. Klaas Wierenga (Cisco Systems).

Author information

Authors and Affiliations

  1. Network Management and Optimal Design Laboratory (NETMODE), School of Electrical and Computer Engineering, National Technical University of Athens (NTUA), Athens, Greece

    Yiannos Kryftis, Maria Grammatikou, Dimitris Kalogeras & Vasilis Maglaris

Authors
  1. Yiannos Kryftis
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Maria Grammatikou
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Dimitris Kalogeras
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Vasilis Maglaris
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Yiannos Kryftis.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Kryftis, Y., Grammatikou, M., Kalogeras, D. et al. Policy-Based Management for Federation of Virtualized Infrastructures. J Netw Syst Manage 25, 229–252 (2017). https://doi.org/10.1007/s10922-016-9390-z

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10922-016-9390-z

Keywords

Search

Navigation