Toward Secure Outsourced Middlebox Services: Practices, Challenges, and Beyond

Cong Wang; Xingliang Yuan; Yong Cui; Kui Ren

doi:10.1109/MNET.2017.1700060

Toward Secure Outsourced Middlebox Services: Practices, Challenges, and Beyond

Cong Wang, Xingliang Yuan, Yong Cui, Kui Ren

Department of Computer Science

Research output: Journal Publications and Reviews › RGC 21 - Publication in refereed journal › peer-review

25 Citations (Scopus)

Abstract

Modern enterprise networks heavily rely on ubiquitous network middleboxes for advanced traffic processing such as deep packet inspection, traffic classification, and load balancing. Recent advances in NFV have pushed forward the paradigm of migrating in-house middleboxes to third-party providers as software-based services for reduced cost yet increased scalability. Despite its potential, this new service model also raises new security and privacy concerns, as traffic is now redirected and processed in an untrusted environment. In this article, we survey recent efforts in the direction of enabling secure outsourced middlebox functions, and identify open challenges for researchers and practitioners to further investigate solutions toward secure middlebox services.

Original language	English
Article number	8010761
Pages (from-to)	166-171
Journal	IEEE Network
Volume	32
Issue number	1
DOIs	https://doi.org/10.1109/MNET.2017.1700060
Publication status	Published - Jan 2018

Access Output

10.1109/MNET.2017.1700060

Other Access Options

Check CityUHK Library

Permanent Link

Right click to copy link

Cite this

@article{f32a5bb4aca7455d948ec0361220ad1f,

title = "Toward Secure Outsourced Middlebox Services: Practices, Challenges, and Beyond",

abstract = "Modern enterprise networks heavily rely on ubiquitous network middleboxes for advanced traffic processing such as deep packet inspection, traffic classification, and load balancing. Recent advances in NFV have pushed forward the paradigm of migrating in-house middleboxes to third-party providers as software-based services for reduced cost yet increased scalability. Despite its potential, this new service model also raises new security and privacy concerns, as traffic is now redirected and processed in an untrusted environment. In this article, we survey recent efforts in the direction of enabling secure outsourced middlebox functions, and identify open challenges for researchers and practitioners to further investigate solutions toward secure middlebox services.",

author = "Cong Wang and Xingliang Yuan and Yong Cui and Kui Ren",

year = "2018",

month = jan,

doi = "10.1109/MNET.2017.1700060",

language = "English",

volume = "32",

pages = "166--171",

journal = "IEEE Network",

issn = "0890-8044",

publisher = "IEEE",

number = "1",

}

TY - JOUR

T1 - Toward Secure Outsourced Middlebox Services

T2 - Practices, Challenges, and Beyond

AU - Wang, Cong

AU - Yuan, Xingliang

AU - Cui, Yong

AU - Ren, Kui

PY - 2018/1

Y1 - 2018/1

N2 - Modern enterprise networks heavily rely on ubiquitous network middleboxes for advanced traffic processing such as deep packet inspection, traffic classification, and load balancing. Recent advances in NFV have pushed forward the paradigm of migrating in-house middleboxes to third-party providers as software-based services for reduced cost yet increased scalability. Despite its potential, this new service model also raises new security and privacy concerns, as traffic is now redirected and processed in an untrusted environment. In this article, we survey recent efforts in the direction of enabling secure outsourced middlebox functions, and identify open challenges for researchers and practitioners to further investigate solutions toward secure middlebox services.

AB - Modern enterprise networks heavily rely on ubiquitous network middleboxes for advanced traffic processing such as deep packet inspection, traffic classification, and load balancing. Recent advances in NFV have pushed forward the paradigm of migrating in-house middleboxes to third-party providers as software-based services for reduced cost yet increased scalability. Despite its potential, this new service model also raises new security and privacy concerns, as traffic is now redirected and processed in an untrusted environment. In this article, we survey recent efforts in the direction of enabling secure outsourced middlebox functions, and identify open challenges for researchers and practitioners to further investigate solutions toward secure middlebox services.

UR - http://www.scopus.com/inward/record.url?scp=85028457236&partnerID=8YFLogxK

UR - https://www.scopus.com/record/pubmetrics.uri?eid=2-s2.0-85028457236&origin=recordpage

U2 - 10.1109/MNET.2017.1700060

DO - 10.1109/MNET.2017.1700060

M3 - RGC 21 - Publication in refereed journal

SN - 0890-8044

VL - 32

SP - 166

EP - 171

JO - IEEE Network

JF - IEEE Network

IS - 1

M1 - 8010761

ER -

Toward Secure Outsourced Middlebox Services: Practices, Challenges, and Beyond

Abstract

Access Output

Other Access Options

Permanent Link

Other Files and Links

Fingerprint

Cite this