A framework for enabling security services collaboration across multiple domains. (July 2018)
- Record Type:
- Journal Article
- Title:
- A framework for enabling security services collaboration across multiple domains. (July 2018)
- Main Title:
- A framework for enabling security services collaboration across multiple domains
- Authors:
- Migault, Daniel
Simplicio, Marcos A.
Barros, Bruno M.
Pourzandi, Makan
Almeida, Thiago R.
Andrade, Ewerton R.
Carvalho, Tereza C. - Abstract:
- Abstract: Network function virtualization opens a new era for security, allowing on-demand instantiation of defense appliances via technologies such as SDN (Software Defined Networking) and Service Function Chaining (SFC). Taking full advantage of such capabilities, however, requires collaboration among Security Service Functions (SSFs) distributed throughout the network. Indeed, collaboration among SSFs is expected to become as essential to SECaaS (SECurity as a Service) as elasticity is to IaaS (Infrastructure as a Service), enabling the efficient allocation of resources for handling large scale attacks. In this paper, we propose a framework leveraging SDN and SFC to improve collaboration among SSFs, allowing SSFs from different domains to negotiate and dynamically control the amount of resources dedicated to collaboration (called a "best-effort" mode). The feasibility, efficiency and scalability of the solution is experimentally assessed, showing that it incurs low overhead, increases the amount of traffic treated by SSFs before packets start being dropped.
- Is Part Of:
- Computers & electrical engineering. Volume 69(2018)
- Journal:
- Computers & electrical engineering
- Issue:
- Volume 69(2018)
- Issue Display:
- Volume 69, Issue 2018 (2018)
- Year:
- 2018
- Volume:
- 69
- Issue:
- 2018
- Issue Sort Value:
- 2018-0069-2018-0000
- Page Start:
- 224
- Page End:
- 239
- Publication Date:
- 2018-07
- Subjects:
- Cloud computing -- Multi-domain networks -- Collaborative security -- Service Function Chaining -- Network function virtualization
Computer engineering -- Periodicals
Electrical engineering -- Periodicals
Electrical engineering -- Data processing -- Periodicals
Ordinateurs -- Conception et construction -- Périodiques
Électrotechnique -- Périodiques
Électrotechnique -- Informatique -- Périodiques
Computer engineering
Electrical engineering
Electrical engineering -- Data processing
Periodicals
Electronic journals
621.302854 - Journal URLs:
- http://www.sciencedirect.com/science/journal/00457906/ ↗
http://www.elsevier.com/journals ↗ - DOI:
- 10.1016/j.compeleceng.2018.02.026 ↗
- Languages:
- English
- ISSNs:
- 0045-7906
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 3394.680000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 6928.xml