Um Modelo para Mapeamento Ótimo de Redes Virtuais com Requisitos de Segurança
Abstract
Network virtualization enables the creation of multiple instances of virtual networks on top of a single physical infrastructure. Given its wide applicability, this technique has attracted a lot of interest both from academic researchers and major companies within the segment of computer networks. Although recent efforts (motivated mainly by the search for mechanisms to enable the evaluation of Future Internet proposals) have contributed substantially to materialize this concept, none of them has attempted to combine efficient resource allocation with fulfillment of security requirements (e.g., confidentiality). It is important to note that, in the context of virtual networks, the protection of shared network infrastructures constitutes a fundamental condition to enable its use in large scale. To address this problem, in this paper we propose a virtual network embedding model that aims to provide the desired level of security while optimizing physical resource usage. The results obtained demonstrate that the model is able to correctly and optimally map virtual networks to a physical substrate, minimizing bandwidth costs for infrastructure providers.
References
Alkmim, G. P., Batista, D. M., and Fonseca, N. L. S. (2011). Optimal mapping of virtual networks. In Global Telecommunications Conference (GLOBECOM 2011), 2011 IEEE, pages 1–6.
Andersen, D. (2002). Theoretical approaches to node assignment. http://www.cs.cmu.edu/dga/papers/andersen-assign.ps. Unpublished manuscript.
Anderson, T., Peterson, L., Shenker, S., and Turner, J. (2005). Overcoming the internet impasse through virtualization. Computer, 38(4):34–41.
Cabuk, S., Dalton, C. I., Ramasamy, H., and Schunter, M. (2007). Towards automated provisioning of secure virtualized networks. In Proceedings of the 14th ACM conference on Computer and communications security, CCS ’07, pages 235–245, New York, NY, USA. ACM.
Cheng, X., Su, S., Zhang, Z., Wang, H., Yang, F., Luo, Y., and Wang, J. (2011). Virtual network embedding through topology-aware node ranking. In SIGCOMM Computer Communication Review, volume 41, pages 38–47, New York, NY, USA. ACM.
Chowdhury, N., Rahman, M., and Boutaba, R. (2009). Virtual network embedding with coordinated node and link mapping. In INFOCOM 2009, IEEE, pages 783 –791.
Davy, S., Serrat, J., Astorga, A., Jennings, B., and Rubio-Loyola, J. (2011). Policyassisted planning and deployment of virtual networks. In Network and Service Management (CNSM), 2011 7th International Conference on, pages 1 –8.
Fernandes, N., Moreira, M., Moraes, I., Ferraz, L., Couto, R., Carvalho, H., Campista, M., Costa, L., and Duarte, O. (2010). Virtual networks: Isolation, performance, and trends. In Annals of Telecommunications.
Huang, D., Ata, S., and Medhi, D. (2010). Establishing secure virtual trust routing and provisioning domains for future internet. In GLOBECOM 2010, 2010 IEEE Global Telecommunications Conference, pages 1–6.
Kent, S. and Seo, K. (2005). Rfc 4301: Security architecture for the internet protocol. http://tools.ietf.org/rfc/rfc4301.txt.
Yu, M., Yi, Y., Rexford, J., and Chiang, M. (2008). Rethinking virtual network embedding: substrate support for path splitting and migration. SIGCOMM Comput. Commun. Rev., 38(2):17–29.
