Assessing lightweight virtualization for security-as-a-service at the network edge

Tutkimustuotos: Lehtiartikkeli

Standard

Assessing lightweight virtualization for security-as-a-service at the network edge. / Boudi, Abderrahmane; Farris, Ivan; Bagaa, Miloud; Taleb, Tarik.

julkaisussa: IEICE Transactions on Communications, Vuosikerta E102B, Nro 5, 01.05.2019, s. 970-977.

Tutkimustuotos: Lehtiartikkeli

Harvard

APA

Vancouver

Author

Boudi, Abderrahmane ; Farris, Ivan ; Bagaa, Miloud ; Taleb, Tarik. / Assessing lightweight virtualization for security-as-a-service at the network edge. Julkaisussa: IEICE Transactions on Communications. 2019 ; Vuosikerta E102B, Nro 5. Sivut 970-977.

Bibtex - Lataa

@article{8d48bc6855b74acfb733ee1db8df9c86,
title = "Assessing lightweight virtualization for security-as-a-service at the network edge",
abstract = "Accounting for the exponential increase in security threats, the development of new defense strategies for pervasive environments is acquiring an ever-growing importance. The expected avalanche of heterogeneous IoT devices which will populate our industrial factories and smart houses will increase the complexity of managing security requirements in a comprehensive way. To this aim, cloud-based security services are gaining notable impetus to provide security mechanisms according to Security-as-a-Service (SECaaS) model. However, the deployment of security applications in remote cloud data-centers can introduce several drawbacks in terms of traffic overhead and latency increase. To cope with this, Edge Computing can provide remarkable advantages avoiding long routing detours. On the other hand, the limited capabilities of edge node introduce potential constraints in the overall management. This paper focuses on the provisioning of virtualized security services in resource-constrained edge nodes by leveraging lightweight virtualization technologies. Our analysis aims at shedding light on the feasibility of container-based security solutions, thus providing useful guidelines towards the orchestration of security at the edge. Our experiments show that the overhead introduced by the containerization is very light.",
keywords = "Cloud/edge computing, IoT, NFV, Security",
author = "Abderrahmane Boudi and Ivan Farris and Miloud Bagaa and Tarik Taleb",
note = "| openaire: EC/H2020/731558/EU//ANASTACIA",
year = "2019",
month = "5",
day = "1",
doi = "10.1587/transcom.2018EUI0001",
language = "English",
volume = "E102B",
pages = "970--977",
journal = "IEICE Transactions on Communications",
issn = "0916-8516",
publisher = "Maruzen Co., Ltd/Maruzen Kabushikikaisha",
number = "5",

}

RIS - Lataa

TY - JOUR

T1 - Assessing lightweight virtualization for security-as-a-service at the network edge

AU - Boudi, Abderrahmane

AU - Farris, Ivan

AU - Bagaa, Miloud

AU - Taleb, Tarik

N1 - | openaire: EC/H2020/731558/EU//ANASTACIA

PY - 2019/5/1

Y1 - 2019/5/1

N2 - Accounting for the exponential increase in security threats, the development of new defense strategies for pervasive environments is acquiring an ever-growing importance. The expected avalanche of heterogeneous IoT devices which will populate our industrial factories and smart houses will increase the complexity of managing security requirements in a comprehensive way. To this aim, cloud-based security services are gaining notable impetus to provide security mechanisms according to Security-as-a-Service (SECaaS) model. However, the deployment of security applications in remote cloud data-centers can introduce several drawbacks in terms of traffic overhead and latency increase. To cope with this, Edge Computing can provide remarkable advantages avoiding long routing detours. On the other hand, the limited capabilities of edge node introduce potential constraints in the overall management. This paper focuses on the provisioning of virtualized security services in resource-constrained edge nodes by leveraging lightweight virtualization technologies. Our analysis aims at shedding light on the feasibility of container-based security solutions, thus providing useful guidelines towards the orchestration of security at the edge. Our experiments show that the overhead introduced by the containerization is very light.

AB - Accounting for the exponential increase in security threats, the development of new defense strategies for pervasive environments is acquiring an ever-growing importance. The expected avalanche of heterogeneous IoT devices which will populate our industrial factories and smart houses will increase the complexity of managing security requirements in a comprehensive way. To this aim, cloud-based security services are gaining notable impetus to provide security mechanisms according to Security-as-a-Service (SECaaS) model. However, the deployment of security applications in remote cloud data-centers can introduce several drawbacks in terms of traffic overhead and latency increase. To cope with this, Edge Computing can provide remarkable advantages avoiding long routing detours. On the other hand, the limited capabilities of edge node introduce potential constraints in the overall management. This paper focuses on the provisioning of virtualized security services in resource-constrained edge nodes by leveraging lightweight virtualization technologies. Our analysis aims at shedding light on the feasibility of container-based security solutions, thus providing useful guidelines towards the orchestration of security at the edge. Our experiments show that the overhead introduced by the containerization is very light.

KW - Cloud/edge computing

KW - IoT

KW - NFV

KW - Security

UR - http://www.scopus.com/inward/record.url?scp=85065781782&partnerID=8YFLogxK

U2 - 10.1587/transcom.2018EUI0001

DO - 10.1587/transcom.2018EUI0001

M3 - Article

VL - E102B

SP - 970

EP - 977

JO - IEICE Transactions on Communications

JF - IEICE Transactions on Communications

SN - 0916-8516

IS - 5

ER -

ID: 34110205