Securing Service Instantiation on Next-generation Networks

Authors

  • Rodrigo Santos Institute of Telecommunications, Aveiro, Portugal
  • Daniel Corujo 1) Institute of Telecommunications, Aveiro, Portugal 2) Department of Electronic, Telecommunication and Informatics, University of Aveiro, Portugal
  • José Quevedo Institute of Telecommunications, Aveiro, Portugal
  • Rui Aguiar 1) Institute of Telecommunications, Aveiro, Portugal 2) Department of Electronic, Telecommunication and Informatics, University of Aveiro, Portugal

DOI:

https://doi.org/10.13052/jmm1550-4646.2019

Keywords:

Next-generation software defined networks, P4, service provisioning, monitoring

Abstract

The Next Generation of Software Defined Networks (NG-SDN) enables a whole new set of possibilities for innovation in the data plane (e.g., computing, monitoring, load-balancing). In parallel, we have been witnessing the increasing adoption of virtualized services running in light but efficient containers, which brings forth the capability to flexibly deploy services at the network edge, while providing dynamic scaling and management. As a result, operators have tapped into a lot of computational real estate as part of the adoption of telco cloud concepts, as well as to support the foreseen edge and fog computing scenarios. However, exposing the infrastructure to third parties and realizing complex services over a multi-stakeholder environment raises challenges at different levels (e.g., security, reliability, SLA guarantees). Reconfiguring the data plane for flow monitoring and handling service requests directly on the data plane could address these challenges to support the joint communication and computation vision. This is where this paper contributes, by proposing a secure and reliable system for dynamic instantiation of third-party services. A proof-of-concept prototype was developed using P4 and Kubernetes, showcasing the feasibility of the proposed approach.

Author Biographies

Rodrigo Santos, Institute of Telecommunications, Aveiro, Portugal

Rodrigo Santos concluded his master’s degree in Computer and Telematics Engineering in 2023, from the University of Aveiro in Portugal. His master’s dissertation topic was service instantiation and flow monitoring on Next-Generation Software Defined Networks. The development of his dissertation led to the writing of this paper, which is also his first paper submission.

Daniel Corujo, 1) Institute of Telecommunications, Aveiro, Portugal 2) Department of Electronic, Telecommunication and Informatics, University of Aveiro, Portugal

Daniel Corujo is an Associate Professor at the University of Aveiro, where he concluded his PhD on Communication Middleware for the Future Mobile Internet, in 2013. He was the coordinator of the Telecommunications and Networking research team at the Instituto de Telecomunicações, in Aveiro, Portugal, a team of over 50 people, from 2017 to 2018. He has been an active researcher and contributor to standardization in the fields of mobility management, through the IETF/IRTF, and Media Independent Handovers, through the IEEE. He has pursued such concepts under the scope of a broad range of EU FP7 research projects since 2007, such as DAIDALOS, OneLab2, 4WARD, MEDIEVAL, OFELIA and 5GROWTH, where he also played key roles from proposal elaboration to task and workpackage co-leading. He is currently WP leader in the national 5G Mobilizer project. In parallel to his 13 years of experience in mobility management research, he has more recently been developing work in the areas of 5G, Network Function Virtualization, Software Defined Networking and Information Centric Networking, deploying new visions and enhancements of such concepts over wireless networks, in national and international research projects. He is Vice-chair for the IEEE ComSoc PT Chapter.

José Quevedo, Institute of Telecommunications, Aveiro, Portugal

José Quevedo received his PhD in Telecommunications from the MAP-tele Doctoral Programme in Telecommunications in 2020. His early research activities were focused on Information-Centric Networking (ICN) approaches for supporting Internet of Things (IoT) scenarios. This work, conducted in the Telecommunications and Networking – Av Group (TN-Av) at Instituto de Telecomunicações (IT-Av) and University of Aveiro (UA), Portugal, has been disseminated in book chapters, conference and journal papers, and as contributions to open-source software. He has been involved in the different stages of several research projects (e.g., H2020 5Growth, H2020 5GASP). He has been further involved in the academy by working as an Invited Adjunct Professor at the University of Aveiro – Águeda School of Technology and Management (ESTGA). Currently he is the executive manager of the 5GAIner laboratory and a Senior Researcher at IT-Av working in areas related to networking protocols, network programmability and 5G and beyond systems.

Rui Aguiar, 1) Institute of Telecommunications, Aveiro, Portugal 2) Department of Electronic, Telecommunication and Informatics, University of Aveiro, Portugal

Rui Aguiar is currently a Full Professor at Universidade de Aveiro. He was the founder of the ATNOG research group, an advanced telecommunication research group at the Universidade de Aveiro, and is currently co-coordinating a research line in Instituto de Telecomunicações, in the area of Networks and Services. He has been an advisor for the Portuguese Secretaria de Estado das Comunicações and a member of the task force for 5G cybersecurity. He is a Chartered Engineer, a Senior Member of IEEE, and a member of ACM. He has served as the Portugal Chapter Chair of IEEE Communications Society and has been serving as Steering Board Chair of Networld Europe, the European ETP representing the telecommunications community, engaged in the discussions of the future European R&D work programmes for telecommunications. As further community engagement, he has served as Technical and General (co)Chair of several conferences (ICNS, ICT, ISCC, Mobiarch, Monami, NTMS, etc.). He is a regular keynote speaker on the future of mobile communications and digital society, with dozens of talks across the whole world. He is an associate editor of Wiley’s Emerging Telecommunication Technologies and Springer’s Wireless Networks.

Published

2024-02-05

How to Cite

Santos, R., Corujo, D., Quevedo, J., & Aguiar, R. (2024). Securing Service Instantiation on Next-generation Networks. Journal of Mobile Multimedia, 20(01), 215–238. https://doi.org/10.13052/jmm1550-4646.2019

Section

6G: The Road for Future Wireless Networks (SOUL)