Towards a fully automated and optimized network security functions orchestration. Bringhenti, D., Marchetto, G., Sisto, R., Valenza, F., & Yusupov, J. In Proceedings of the 4th International Conference on Computing, Communications and Security (ICCCS 2019), pages 1–7, 2019. IEEE.
Towards a fully automated and optimized network security functions orchestration [pdf]Paper  doi  abstract   bibtex   5 downloads  
Automated policy-based network security management tools represent a new research frontier to be fully explored, so as to reduce the number of human errors due to a manual and suboptimal configuration of security services. Moreover, the agility that an automated tool would require can be provided by the most recent networking technologies, Network Functions Virtualization and Software-Defined Networking, which move the network management from the hardware level to the software. However, even though a Security Automation approach is nowadays feasible and would bring several benefits in facing cybersecurity attacks, pending problems are that currently only a limited number of automatic management tools have been developed and that they do not have a direct integration with cloud orchestrators, consequently requiring human interaction. Given these considerations, in this paper we propose a novel framework, whose goal is to automatically and optimally allocate and conFigure security functions in a virtualized network service in a formal and verified way, directly integrated in cloud orchestrators. We validated this contribution through an implementation that is able to cooperate with two well-known orchestrators, that are Open Baton and Kubernetes. © 2019 IEEE.

Downloads: 5