Visible to the public A model for the analysis of security policies in service function chains

Submitted by grigby1 on Tue, 12/12/2017 - 1:31pm
TitleA model for the analysis of security policies in service function chains
Publication TypeConference Paper
Year of Publication2017
AuthorsDurante, L., Seno, L., Valenza, F., Valenzano, A.
Conference Name2017 IEEE Conference on Network Softwarization (NetSoft)
ISBN Number978-1-5090-6008-5
KeywordsAd hoc networks, Analytical models, Collaboration, computer network security, cryptography, formal model, Monitoring, network function virtualization, NFV, policy-based governance, program verification, pubcrawl, SDN, security policies, Security Policies Analysis, service function chains, SFC, Software, software defined networking, software tools, Virtual private networks, virtualisation
Abstract

Two emerging architectural paradigms, i.e., Software Defined Networking (SDN) and Network Function Virtualization (NFV), enable the deployment and management of Service Function Chains (SFCs). A SFC is an ordered sequence of abstract Service Functions (SFs), e.g., firewalls, VPN-gateways, traffic monitors, that packets have to traverse in the route from source to destination. While this appealing solution offers significant advantages in terms of flexibility, it also introduces new challenges such as the correct configuration and ordering of SFs in the chain to satisfy overall security requirements. This paper presents a formal model conceived to enable the verification of correct policy enforcements in SFCs. Software tools based on the model can then be designed to cope with unwanted network behaviors (e.g., security flaws) deriving from incorrect interactions of SFs of the same SFC.

URLhttps://ieeexplore.ieee.org/document/8004230/
DOI10.1109/NETSOFT.2017.8004230
Citation Keydurante_model_2017
Groups: