Towards Security-aware Virtual Network Embedding

Research output: Journal Publications and Reviews (RGC: 21, 22, 62)21_Publication in refereed journalpeer-review

35 Scopus Citations
View graph of relations

Author(s)

  • Shuhao LIU
  • Zhiping CAI
  • Hong XU
  • Ming XU

Related Research Unit(s)

Detail(s)

Original languageEnglish
Pages (from-to)151-163
Journal / PublicationComputer Networks
Volume91
Online published31 Aug 2015
Publication statusPublished - 14 Nov 2015

Abstract

Network virtualization is one of the fundamental building blocks of cloud computing, where computation, storage and networking resources are shared through virtualization technologies. However, the complexity of virtualization exposes additional security vulnerabilities, which can be taken advantage of by malicious users. While traditional network security technologies can help in virtualized environments, we argue that it is cost-effective to isolate virtual resources with high security demands from the untrusted ones. This paper attempts to tackle the security issue by offering physical isolation during virtual network embedding, the process of allocating virtual networks onto physical nodes and links. We start from modeling the security demands in virtualized environments by analyzing typical security vulnerabilities. A simple abstracted concept of security demands is defined to capture the variations of security requirements, based on which we formulate security-aware virtual network embedding as an optimization problem. The proposed objective and constraint functions involve both resource and security restrictions. Then, two heuristic algorithms are developed to solve this problem with splittable or unsplittable virtual links, respectively. Our simulation results demonstrate their efficiency and effectiveness.

Research Area(s)

  • Cloud computing, Network virtualization, Resource allocation, Virtual network embedding

Citation Format(s)

Towards Security-aware Virtual Network Embedding. / LIU, Shuhao; CAI, Zhiping; XU, Hong; XU, Ming.

In: Computer Networks, Vol. 91, 14.11.2015, p. 151-163.

Research output: Journal Publications and Reviews (RGC: 21, 22, 62)21_Publication in refereed journalpeer-review