Security-aware optimal resource allocation for virtual network embedding

Network virtualization enables the creation of multiple instances of virtual networks on top of a single physical infrastructure. Given its wide applicability, this technique has attracted a lot of interest both from academic researchers and major companies within the segment of computer networks. Although recent efforts (motivated mainly by the search for mechanisms to evaluate Future Internet proposals) have contributed substantially to materialize this concept, none of them has attempted to combine efficient resource allocation with fulfillment of security requirements (e.g., confidentiality). It is important to note that, in the context of virtual networks, the protection of shared network infrastructures constitutes a fundamental condition to enable its use in large scale. To address this problem, in this paper we propose a virtual network embedding model that satisfies security requirements and, at the same time, optimizes physical resource usage. The results obtained demonstrate that the model is able to correctly and optimally map virtual networks to a physical substrate, minimizing bandwidth costs for infrastructure providers.

[1]  Albert,et al.  Topology of evolving networks: local events and universality , 2000, Physical review letters.

[2]  Randall J. Atkinson,et al.  Security Architecture for the Internet Protocol , 1995, RFC.

[3]  Minlan Yu,et al.  Rethinking virtual network embedding: substrate support for path splitting and migration , 2008, CCRV.

[4]  Raouf Boutaba,et al.  Virtual Network Embedding with Coordinated Node and Link Mapping , 2009, IEEE INFOCOM 2009.

[5]  David G. Andersen,et al.  Theoretical Approaches to Node Assignment , 2002 .

[6]  Gustavo Prado Alkmim,et al.  Optimal Mapping of Virtual Networks , 2011, 2011 IEEE Global Telecommunications Conference - GLOBECOM 2011.

[7]  Otto Carlos Muniz Bandeira Duarte,et al.  Virtual networks: isolation, performance, and trends , 2011, Ann. des Télécommunications.

[8]  Deep Medhi,et al.  Establishing Secure Virtual Trust Routing and Provisioning Domains for Future Internet , 2010, 2010 IEEE Global Telecommunications Conference GLOBECOM 2010.

[9]  Brendan Jennings,et al.  Policy-assisted planning and deployment of virtual networks , 2011, 2011 7th International Conference on Network and Service Management.

[10]  Ibrahim Matta,et al.  BRITE: Boston University Representative Internet Topology gEnerator: A Flexible Generator of Internet Topologies , 2000 .

[11]  Chris I. Dalton,et al.  Towards automated provisioning of secure virtualized networks , 2007, CCS '07.

[12]  Scott Shenker,et al.  Overcoming the Internet impasse through virtualization , 2005, Computer.

[13]  Xiang Cheng,et al.  Virtual network embedding through topology-aware node ranking , 2011, CCRV.