Full Text Available
Note: Clicking the button above will open the full text document at the original institutional repository in a new window.
SDN based security solutions for multi-tenancy NFV
The Internet continues to expand drastically as a result of explosion of mobile devices, content, server virtualization, and advancement of cloud services. This increase has significantly changed traffic patterns within the enterprise data centres. Therefore, advanced technologies are needed to impr...
Saved in:
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | Thesis |
| Language: | English |
| Published: |
Department of Electrical Engineering
2017
|
| Subjects: | |
| Tags: |
No Tags, Be the first to tag this record!
|
| Summary: | The Internet continues to expand drastically as a result of explosion of mobile devices, content, server virtualization, and advancement of cloud services. This increase has significantly changed traffic patterns within the enterprise data centres. Therefore, advanced technologies are needed to improve traditional network deployments to enable them to handle the changing network patterns. Software defined networks (SDN) and network function virtualisation (NFV) are innovative technologies that enable network flexibility, increase network and service agility, and support service-driven virtual networks using concepts of virtualisation and softwarisation. Collaboration of these two concepts enable cloud operator to offer network-as-a-service (NaaS) to multiple tenants in a data-centre deployment. Despite the benefits brought by these technologies, they also bring along security challenges that need to be addressed and managed to ensure successful deployment and encourage faster adoption in industry. This dissertation proposes security solution based on tenant isolation, network access control (NAC) and network reconfiguration that can be implemented in NFV multi-tenant deployment to guarantee privacy and security of tenant functions. The evaluation of the proof-of-concept framework proves that SDN based tenant isolation solution provides a high level of isolation in a multi-tenant NFV cloud. It also shows that the proposed network reconfiguration greatly reduces chances of an attacker correctly identifying location and IP addresses of tenant functions within the cloud environment. Because of resource limitation, the proposed NAC solution was not evaluated. The efficiency of this solution for multitenancy NFV has been added as part of future work. |
|---|