A novel approach for security function graph configuration and deployment. Bringhenti, D., Marchetto, G., Sisto, R., & Valenza, F. In 7th IEEE International Conference on Network Softwarization, NetSoft 2021, Tokyo, Japan, June 28 - July 2, 2021, pages 457–463, 2021. IEEE. ![A novel approach for security function graph configuration and deployment [pdf]](https://bibbase.org/img/filetypes/pdf.svg "pdf")
Paper doi abstract bibtex 4 downloads Network virtualization increased the versatility in enforcing security protection, by easing the development of new security function implementations. However, the drawback of this opportunity is that a security provider, in charge of configuring and deploying a security function graph, has to choose the best virtual security functions among a pool so large that makes manual decisions unfeasible. In light of this problem, the paper proposes a novel approach for synthesizing virtual security services by introducing the functionality abstraction. This new level of abstraction allows to work in the virtual level without considering the different function implementations, with the objective to postpone the function selection jointly with the deployment, after the configuration of the virtual graph. This novelty enables to optimize the function selection when the pool of available functions is very large. A framework supporting this approach has been implemented and it showed adequate scalability for the requirements of modern virtual networks
@InProceedings{2021Netsoft,
author = {Daniele Bringhenti and
Guido Marchetto and
Riccardo Sisto and
Fulvio Valenza},
title = {A novel approach for security function graph configuration and deployment},
booktitle = {7th {IEEE} International Conference on Network Softwarization, NetSoft
2021, Tokyo, Japan, June 28 - July 2, 2021},
pages = {457--463},
publisher = {{IEEE}},
year = {2021},
url = {https://iris.polito.it/retrieve/handle/11583/2921763/513222/main.pdf},
doi = {10.1109/NetSoft51509.2021.9492654},
abstract={Network virtualization increased the versatility in
enforcing security protection, by easing the development of
new security function implementations. However, the drawback
of this opportunity is that a security provider, in charge of
configuring and deploying a security function graph, has to
choose the best virtual security functions among a pool so large
that makes manual decisions unfeasible. In light of this problem,
the paper proposes a novel approach for synthesizing virtual
security services by introducing the functionality abstraction.
This new level of abstraction allows to work in the virtual level
without considering the different function implementations, with
the objective to postpone the function selection jointly with the
deployment, after the configuration of the virtual graph. This
novelty enables to optimize the function selection when the pool
of available functions is very large. A framework supporting
this approach has been implemented and it showed adequate
scalability for the requirements of modern virtual networks},
keywords={Security Function Modeling,Policy Refinement,Security Automation},
}
Downloads: 4
{"_id":"fcbB2FXqpQjhwruCM","bibbaseid":"bringhenti-marchetto-sisto-valenza-anovelapproachforsecurityfunctiongraphconfigurationanddeployment-2021","author_short":["Bringhenti, D.","Marchetto, G.","Sisto, R.","Valenza, F."],"bibdata":{"bibtype":"inproceedings","type":"inproceedings","author":[{"firstnames":["Daniele"],"propositions":[],"lastnames":["Bringhenti"],"suffixes":[]},{"firstnames":["Guido"],"propositions":[],"lastnames":["Marchetto"],"suffixes":[]},{"firstnames":["Riccardo"],"propositions":[],"lastnames":["Sisto"],"suffixes":[]},{"firstnames":["Fulvio"],"propositions":[],"lastnames":["Valenza"],"suffixes":[]}],"title":"A novel approach for security function graph configuration and deployment","booktitle":"7th IEEE International Conference on Network Softwarization, NetSoft 2021, Tokyo, Japan, June 28 - July 2, 2021","pages":"457–463","publisher":"IEEE","year":"2021","url":"https://iris.polito.it/retrieve/handle/11583/2921763/513222/main.pdf","doi":"10.1109/NetSoft51509.2021.9492654","abstract":"Network virtualization increased the versatility in enforcing security protection, by easing the development of new security function implementations. However, the drawback of this opportunity is that a security provider, in charge of configuring and deploying a security function graph, has to choose the best virtual security functions among a pool so large that makes manual decisions unfeasible. In light of this problem, the paper proposes a novel approach for synthesizing virtual security services by introducing the functionality abstraction. This new level of abstraction allows to work in the virtual level without considering the different function implementations, with the objective to postpone the function selection jointly with the deployment, after the configuration of the virtual graph. This novelty enables to optimize the function selection when the pool of available functions is very large. A framework supporting this approach has been implemented and it showed adequate scalability for the requirements of modern virtual networks","keywords":"Security Function Modeling,Policy Refinement,Security Automation","bibtex":"@InProceedings{2021Netsoft,\r\n author = {Daniele Bringhenti and\r\n Guido Marchetto and\r\n Riccardo Sisto and\r\n Fulvio Valenza},\r\n title = {A novel approach for security function graph configuration and deployment},\r\n booktitle = {7th {IEEE} International Conference on Network Softwarization, NetSoft\r\n 2021, Tokyo, Japan, June 28 - July 2, 2021},\r\n pages = {457--463},\r\n publisher = {{IEEE}},\r\n year = {2021},\r\n url = {https://iris.polito.it/retrieve/handle/11583/2921763/513222/main.pdf},\r\n doi = {10.1109/NetSoft51509.2021.9492654},\r\n abstract={Network virtualization increased the versatility in\r\nenforcing security protection, by easing the development of\r\nnew security function implementations. However, the drawback\r\nof this opportunity is that a security provider, in charge of\r\nconfiguring and deploying a security function graph, has to\r\nchoose the best virtual security functions among a pool so large\r\nthat makes manual decisions unfeasible. In light of this problem,\r\nthe paper proposes a novel approach for synthesizing virtual\r\nsecurity services by introducing the functionality abstraction.\r\nThis new level of abstraction allows to work in the virtual level\r\nwithout considering the different function implementations, with\r\nthe objective to postpone the function selection jointly with the\r\ndeployment, after the configuration of the virtual graph. This\r\nnovelty enables to optimize the function selection when the pool\r\nof available functions is very large. A framework supporting\r\nthis approach has been implemented and it showed adequate\r\nscalability for the requirements of modern virtual networks},\r\n keywords={Security Function Modeling,Policy Refinement,Security Automation}, \r\n}\r\n\r\n","author_short":["Bringhenti, D.","Marchetto, G.","Sisto, R.","Valenza, F."],"key":"2021Netsoft","id":"2021Netsoft","bibbaseid":"bringhenti-marchetto-sisto-valenza-anovelapproachforsecurityfunctiongraphconfigurationanddeployment-2021","role":"author","urls":{"Paper":"https://iris.polito.it/retrieve/handle/11583/2921763/513222/main.pdf"},"keyword":["Security Function Modeling","Policy Refinement","Security Automation"],"metadata":{"authorlinks":{}},"downloads":4},"bibtype":"inproceedings","biburl":"https://raw.githubusercontent.com/FulvioValenza/bibliography/main/Valenza_bibliography.bib","dataSources":["oHcDH9GXBbkp4t9gm","JbiX35GNqPCF3nids","hZL94qE5m3pMWuJwA","8EGSmY4udryikjQyX","nMy6C9RcR4TJMDbmB","Ka2S54TRk8na4h8uK","qgD6ZecrgthN9jyS8","yf5ybPwJxfS5zDTx9","8iJ7pScsBCJNMEwBL","XZnEt8kdXurbtCWoc","R3zwdw7JArkWqNexb"],"keywords":["security function modeling","policy refinement","security automation"],"search_terms":["novel","approach","security","function","graph","configuration","deployment","bringhenti","marchetto","sisto","valenza"],"title":"A novel approach for security function graph configuration and deployment","year":2021,"downloads":4}