In network security, Network Function Virtualization can be exploited to implement flexible security services tailored to specific user needs. However, in practice this is hard to achieve due to the limitations of reference software platforms, such as Kubernetes, which are designed to orchestrate cloud-native services. In this work, we complement Kubernetes with a state-of-the-art algorithm for application-aware provisioning of security services. We demonstrate that the proposed solution improves basic provisioning mechanisms, such as the default Kubernetes scheduler, in terms of Quality of Service and security guarantees for the users.
In network security, Network Function Virtualization can be exploited to implement flexible security services tailored to specific user needs. However, in practice this is hard to achieve due to the limitations of reference software platforms, such as Kubernetes, which are designed to orchestrate cloud-native services. In this work, we complement Kubernetes with a state-of-the-art algorithm for application-aware provisioning of security services. We demonstrate that the proposed solution improves basic provisioning mechanisms, such as the default Kubernetes scheduler, in terms of Quality of Service and security guarantees for the users.
Towards Application-Aware Provisioning of Security Services with Kubernetes / Doriguzzi-Corin, Roberto; Cretti, Silvio; Catena, Tiziana; Magnani, Simone; Siracusa, Domenico. - (2022), pp. 284-286. (Intervento presentato al convegno 2022 IEEE 8th International Conference on Network Softwarization (NetSoft) tenutosi a Milan, Italy nel 27 June 2022 - 01 July 2022) [10.1109/NetSoft54395.2022.9844023].
Towards Application-Aware Provisioning of Security Services with Kubernetes
Doriguzzi-Corin, Roberto;Siracusa, Domenico
2022-01-01
Abstract
In network security, Network Function Virtualization can be exploited to implement flexible security services tailored to specific user needs. However, in practice this is hard to achieve due to the limitations of reference software platforms, such as Kubernetes, which are designed to orchestrate cloud-native services. In this work, we complement Kubernetes with a state-of-the-art algorithm for application-aware provisioning of security services. We demonstrate that the proposed solution improves basic provisioning mechanisms, such as the default Kubernetes scheduler, in terms of Quality of Service and security guarantees for the users.| File | Dimensione | Formato | |
|---|---|---|---|
|
doriguzzi-corinTowardsApplicationawareProvisioning2022[AAM].pdf
accesso aperto
Tipologia:
Post-print referato (Refereed author’s manuscript)
Licenza:
Tutti i diritti riservati (All rights reserved)
Dimensione
358.58 kB
Formato
Adobe PDF
|
358.58 kB | Adobe PDF | Visualizza/Apri |
|
doriguzzi-corinTowardsApplicationawareProvisioning2022[VoR].pdf
Solo gestori archivio
Tipologia:
Versione editoriale (Publisher’s layout)
Licenza:
Tutti i diritti riservati (All rights reserved)
Dimensione
375.21 kB
Formato
Adobe PDF
|
375.21 kB | Adobe PDF | Visualizza/Apri |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione
