Paper Info
Title
Multistage OCDO: Scalable Security Provisioning Optimization in SDN-Based Cloud
Abstract
Cloud computing is increasingly changing the landscape of computing, however, one of the main issues that is refraining potential customers from adopting the cloud is the security. Network functions virtualization together with software-defined networking can be used to efficiently coordinate different network security functionality in the network. To squeeze the best out of network capabilities, there is need for algorithms for optimal placement of the security functionality in the cloud infrastructure. However, due to the large number of flows to be considered and complexity of interactions in these networks, the classical placement algorithms are not scalable. To address this issue, we elaborate an optimization framework, namely OCDO, that provides adequate and scalable network security provisioning and deployment in the cloud. Our approach is based on an innovative multistage approach that combines together decomposition and segmentation techniques to the problem of security functions placement while coping with the complexity and the scalability of such an optimization problem. We present the results of multiple scenarios to assess the efficiency and the adequacy of our framework. We also describe our prototype implementation of the framework integrated into an open source cloud framework, i.e. Open stack.
Year
DOI
Venue
2015
10.1109/CLOUD.2015.82
CLOUD
Keywords
Field
DocType
Cloud, Security Provisioning, Optimization, Segmentation, Decomposition, SDN, OpenStack
Computer science,Network security,Computer network,Provisioning,Cloud computing security,Network Access Control,Optimization problem,Computer security model,Scalability,Cloud computing,Distributed computing
Conference
ISSN
Citations 
PageRank 
2159-6182
2
0.37
References 
Authors
11
4
Name
Order
Citations
PageRank
Yosr Jarraya117314.52
Alireza Shameli Sendi2638.08
Makan Pourzandi321628.31
Mohamed Cheriet42047238.58