Projects per year
Abstract
IoT systems can be leveraged by Network Function Virtualization (NFV) and Software-Defined Networking (SDN) technologies, thereby strengthening their overall flexibility, security and resilience. In this sense, adaptive and policy-based security frameworks for SDN/NFV-aware IoT systems can provide a remarkable added value for self-protection and self-healing, by orchestrating and enforcing dynamically security policies and associated Virtual Network Functions (VNF) or Virtual network Security Functions (VSF) according to the actual context. However, this security orchestration is subject to multiple possible inconsistencies between the policies to enforce, the already enforced management policies and the evolving status of the managed IoT system. In this regard, this paper presents a semantic-aware, zero-touch and policy-driven security orchestration framework for autonomic and conflict-less security orchestration in SDN/NFV-aware IoT scenarios while ensuring optimal allocation and Service Function Chaining (SFC) of VSF. The framework relies on Semantic technologies and considers the security policies and the evolving IoT system model to dynamically and formally detect any semantic conflict during the orchestration. In addition, our optimized SFC algorithm maximizes the QoS, security aspects and resources usage during VSF allocation. The orchestration security framework has been implemented and validated showing its feasibility and performance to detect the conflicts and optimally enforce the VSFs.
Original language | English |
---|---|
Article number | 3622 |
Pages (from-to) | 1-26 |
Number of pages | 24 |
Journal | Sensors (Switzerland) |
Volume | 20 |
Issue number | 13 |
DOIs | |
Publication status | Published - Jul 2020 |
MoE publication type | A1 Journal article-refereed |
Keywords
- IoT
- NFV
- Optimization
- QoS
- SDN
- Security
- Semantic technologies
Fingerprint
Dive into the research topics of 'Semantic-aware security orchestration in SDN/NFV-enabled IoT systems'. Together they form a unique fingerprint.Projects
- 3 Finished
-
INSPIRE-5Gplus: INtelligent Security and PervasIve tRust for 5G and Beyond
Taleb, T. (Principal investigator), Benzaid, C. (Project Member), Boukhalfa, M. (Project Member), Dang, Y. (Project Member), Farooqi, M. (Project Member) & Hireche, O. (Project Member)
01/11/2019 → 31/10/2022
Project: EU: Framework programmes funding
-
CSN: Customized Software Networking across Multiple Administrative Domains
Taleb, T. (Principal investigator), Addad, R. (Project Member), Afolabi, I. (Project Member), Amor, A. (Project Member), Yu, H. (Project Member), Kianpisheh, S. (Project Member), Mariouak, M. (Project Member), Hellaoui, H. (Project Member), Sehad, N. (Project Member), Boudi, A. (Project Member), El Marai, O. (Project Member), Shokrnezhad, M. (Project Member), Bagaa, M. (Project Member), Maity, I. (Project Member), Naas, S.-A. (Project Member), Bekkouche, O. (Project Member), Benzaid, C. (Project Member), Kerfah, I. (Project Member), Mada, B. (Project Member) & Yang, B. (Project Member)
01/09/2017 → 31/08/2021
Project: Academy of Finland: Other research funding
-
ANASTACIA: Advanced Networked Agents for Security and Trust Assessment in CPS/IOT Architectures
Taleb, T. (Principal investigator), Addad, R. (Project Member), Abada, A. (Project Member), Bouhanana, M. (Project Member), Naas, S.-A. (Project Member), Farris, I. (Project Member), Boudi, A. (Project Member), Hireche, O. (Project Member), Nadir, Z. (Project Member), Khettab, Y. (Project Member), Mada, B. (Project Member), Nait Abbou, A. (Project Member), Bagaa, M. (Project Member) & Boukhalfa, M. (Project Member)
01/01/2017 → 31/12/2019
Project: EU: Framework programmes funding