Title :
Security-aware virtual network embedding
Author :
Shuhao Liu ; Zhiping Cai ; Hong Xu ; Ming Xu
Author_Institution :
Sch. of Comput., Nat. Univ. of Defense Technol., Changsha, China
Abstract :
Network virtualization is a promising technology to enable multiple architectures to run on a single network. However, virtualization also introduces additional security vulnerabilities that may be exploited by attackers. It is necessary to ensure that the security requirements of virtual networks are met by the physical substrate, which however has not received much attention thus far. This paper represents an early attempt to consider the security issue in virtual network embedding, the process of mapping virtual networks onto physical nodes and links. We model the security demands of virtual networks by proposing a simple taxonomy of abstractions, which is enough to meet the variations of security requirements. Based on the abstraction, we formulate security-aware virtual network embedding as an optimization problem, proposing objective functions and mathematical constraints which involve both resource and security restrictions. Then a heuristic algorithm is developed to solve this problem. Our simulation results indicate its high efficiency and effectiveness.
Keywords :
computer network security; optimisation; virtualisation; abstraction taxonomy; heuristic algorithm; mathematical constraints; multiple architectures; network virtualization; optimization problem; physical links; physical nodes; security demands; security requirements; security vulnerabilities; security-aware virtual network embedding; virtual network mapping process; Bandwidth; Heuristic algorithms; Mathematical model; Network topology; Security; Substrates; Virtualization;
Conference_Titel :
Communications (ICC), 2014 IEEE International Conference on
Conference_Location :
Sydney, NSW
DOI :
10.1109/ICC.2014.6883423
