Visible to the public Biblio

Filters: Keyword is NFV MANO  [Clear All Filters]
2020-04-17
Go, Sharleen Joy Y., Guinto, Richard, Festin, Cedric Angelo M., Austria, Isabel, Ocampo, Roel, Tan, Wilson M..  2019.  An SDN/NFV-Enabled Architecture for Detecting Personally Identifiable Information Leaks on Network Traffic. 2019 Eleventh International Conference on Ubiquitous and Future Networks (ICUFN). :306—311.

The widespread adoption of social networking and cloud computing has transformed today's Internet to a trove of personal information. As a consequence, data breaches are expected to increase in gravity and occurrence. To counteract unintended data disclosure, a great deal of effort has been dedicated in devising methods for uncovering privacy leaks. Existing solutions, however, have not addressed the time- and data-intensive nature of leak detection. The shift from hardware-specific implementation to software-based solutions is the core idea behind the concept of Network Function Virtualization (NFV). On the other hand, the Software Defined Networking (SDN) paradigm is characterized by the decoupling of the forwarding and control planes. In this paper, an SDN/NFV-enabled architecture is proposed for improving the efficiency of leak detection systems. Employing a previously developed identification strategy, Personally Identifiable Information detector (PIID) and load balancer VNFs are packaged and deployed in OpenStack through an NFV MANO. Meanwhile, SDN controllers permit the load balancer to dynamically redistribute traffic among the PIID instances. In a physical testbed, tests are conducted to evaluate the proposed architecture. Experimental results indicate that the proportions of forwarding and parsing on total overhead is influenced by the traffic intensity. Furthermore, an NFV-enabled system with scalability features was found to outperform a non-virtualized implementation in terms of latency (85.1%), packet loss (98.3%) and throughput (8.41%).

2019-12-16
Guija, Daniel, Siddiqui, Muhammad Shuaib.  2018.  Identity and Access Control for Micro-services Based 5G NFV Platforms. Proceedings of the 13th International Conference on Availability, Reliability and Security. :46:1–46:10.
The intrinsic use of SDN/NFV technologies in 5G infrastructures promise to enable the flexibility and programmability of networks to ensure lower cost of network and service provisioning and operation, however it brings new challenges and requirements due to new architectural changes. In terms of security, authentication and authorization functions need to evolve towards the new and emerging 5G virtualization platforms in order to meet the requirements of service providers and infrastructure operators. Over the years, a lot of authentication techniques have been used. Now, a wide range of options arise allowing to extend existing authentication and authorization mechanisms. This paper focuses on proposing and showcasing a 5G platform oriented solution among different approaches to integrate authentication and authorization functionalities, an adapted secure and stateless mechanism, providing identity and permissions management to handle not only users, but also system micro-services, in a network functions virtualization management and orchestration (NFV MANO) system, oriented to deploy virtualized services. The presented solution uses the NFV-based SONATA Service Platform which offers capabilities for a continuous integration and delivery DevOps methodology that allow high levels of programmability and flexibility to manage the entire life cycle of Virtual Network Functions, and enables the perfect scenario to showcase different approaches for authentication and authorization mechanisms for users and micro-services in a 5G platform.