Low Latency Security Function Chain Embedding Across Multiple Domains

5G network is envisioned to provide massive connectivity for a wide range of applications, such as ultra-clear media, internet of vehicles, and smart home. The traditional way of providing security services is difficult to support these new 5G applications flexibly and effectively. In our previous work, we proposed a SFC-based framework that chains security functions in different domains to provide security services on demand. However, creating cross-domain service function chains will inevitably result in the additional network latency. In this paper, we study this problem of minimizing the end-to-end latency when deploying cross-domain service function chains for 5G applications. First, an exact approach, consisting of service chain partition and service subchain embedding, is proposed to derive an optimal solution for cross-domain service function chain placement. Second, we improve the Viterbi algorithm and propose an efficient heuristic approach to derive near-optimal solutions for large networks. We also compare the performance of the proposed exact approach, the proposed heuristic approach, and the simple greedy approach in different scales of network infrastructures. Simulation results are presented to demonstrate the effectiveness of the proposed approaches.

[1]  Younghan Kim,et al.  An implementation of hierarchical service function chaining using OpenDaylight platform , 2016, 2016 IEEE NetSoft Conference and Workshops (NetSoft).

[2]  Marcos A. Simplício,et al.  A Framework for Enabling Security Services Collaboration Across Multiple Domains , 2017, 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS).

[3]  Min Chen,et al.  Coping With Emerging Mobile Social Media Applications Through Dynamic Service Function Chaining , 2016, IEEE Transactions on Wireless Communications.

[4]  Mohsen Guizani,et al.  Network function virtualization in 5G , 2016, IEEE Communications Magazine.

[5]  Yuval Shavitt,et al.  Constrained mirror placement on the Internet , 2001, Proceedings IEEE INFOCOM 2001. Conference on Computer Communications. Twentieth Annual Joint Conference of the IEEE Computer and Communications Society (Cat. No.01CH37213).

[6]  Mohamed Boucadair,et al.  Hierarchical Service Function Chaining (hSFC) , 2018, RFC.

[7]  Jianping Wang,et al.  OpenSCaaS: an open service chain as a service platform toward the integration of SDN and NFV , 2015, IEEE Network.

[8]  Roberto Bifulco,et al.  CATENAE: A scalable service function chaining system for legacy mobile networks , 2017, Int. J. Netw. Manag..

[9]  Yang Wang,et al.  Towards optimal outsourcing of service function chain across multiple clouds , 2016, 2016 IEEE International Conference on Communications (ICC).

[10]  Vyas Sekar,et al.  Making middleboxes someone else's problem: network processing as a cloud service , 2012, SIGCOMM '12.

[11]  Zhuzhong Qian,et al.  AutoVNF: An Automatic Resource Sharing Schema for VNF Requests , 2017, J. Internet Serv. Inf. Secur..

[12]  Mohammed Samaka,et al.  Optimal virtual network function placement in multi-cloud service function chaining architecture , 2017, Comput. Commun..

[13]  Jr. G. Forney,et al.  The viterbi algorithm , 1973 .

[14]  Ellen W. Zegura,et al.  How to model an internetwork , 1996, Proceedings of IEEE INFOCOM '96. Conference on Computer Communications.

[15]  Mohamed Cheriet,et al.  Efficient Provisioning of Security Service Function Chaining Using Network Security Defense Patterns , 2019, IEEE Transactions on Services Computing.

[16]  S. Eddy Hidden Markov models. , 1996, Current opinion in structural biology.

[17]  Joseph Naor,et al.  Near optimal placement of virtual network functions , 2015, 2015 IEEE Conference on Computer Communications (INFOCOM).

[18]  Eric Wang,et al.  Service Function Chaining Use Cases for Network Security , 2017 .

[19]  Jordi Pérez-Romero,et al.  Technology pillars in the architecture of future 5G mobile networks: NFV, MEC and SDN , 2017, Comput. Stand. Interfaces.

[20]  Huachun Zhou,et al.  A new method for providing network services: Service function chain , 2017, Opt. Switch. Netw..