Offloading personal security applications to the Network Edge: A mobile user case scenario

This paper discusses some challenges that user mobility imposes over the user-centric protection model against security threats. This model is based on the idea of offloading the security applications from the end user device, and placing them in a trusted network node at the network's edge. Our research perspective is particularly centered around three interrelated mobility challenges, i) the allocation of the security applications “close” to the user, i.e., on network nodes with enhanced processing capabilities, ii) seamless mobility with negligible disruption of ongoing network connections, and iii) dynamic orchestration and management with support of security applications migration. Based on our arguments, we expose the main requirements and trade-offs to be considered in the attempt to support mobility in such environment. We propose a flexible solution that leverages Software Defined Networking, Network Function Virtualization and Computing at the Network Edge to offer a seamless on-path security protection to mobile users. Our preliminary experiments' results considering a WiFi mobile user show that seamless security migration and mobility are feasible in a simple real scenario. Vertical mobility and more complex use cases scenarios are envisioned for future research.

[1]  Vyas Sekar,et al.  Making middleboxes someone else's problem: network processing as a cloud service , 2012, SIGCOMM '12.

[2]  Mario Nemirovsky,et al.  Key ingredients in an IoT recipe: Fog Computing, Cloud computing, and more Fog Computing , 2014, 2014 IEEE 19th International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (CAMAD).

[3]  Dino Farinacci,et al.  The Locator/ID Separation Protocol (LISP) , 2009, RFC.

[4]  Ananth Balashankar,et al.  Software Defined Networking , 2019, 2019 19th International Conference on Sciences and Techniques of Automatic Control and Computer Engineering (STA).

[5]  Hans Schaffers,et al.  Smart Cities and the Future Internet: Towards Cooperation Frameworks for Open Innovation , 2011, Future Internet Assembly.

[6]  Cataldo Basile,et al.  Virtualized security at the network edge: a user-centric approach , 2015, IEEE Communications Magazine.

[7]  Paramvir Bahl,et al.  The Case for VM-Based Cloudlets in Mobile Computing , 2009, IEEE Pervasive Computing.