Security Orchestration and Enforcement in NFV/SDN-Aware UAV Deployments
Software Defined Network (SDN) and Network Function Virtualization (NFV) are bringing many advantages to optimize and automatize security management at the network edge, enabling the deployment of virtual network security functions (VSFs) in MEC nodes, to strengthen the end-to-end security in IoT en...
Main Authors: | , , , , |
---|---|
Format: | Article |
Language: | English |
Published: |
IEEE
2020-01-01
|
Series: | IEEE Access |
Subjects: | |
Online Access: | https://ieeexplore.ieee.org/document/9143099/ |
id |
doaj-46619d5e8117471b9133ba8973e9ceca |
---|---|
record_format |
Article |
spelling |
doaj-46619d5e8117471b9133ba8973e9ceca2021-03-30T04:45:28ZengIEEEIEEE Access2169-35362020-01-01813177913179510.1109/ACCESS.2020.30102099143099Security Orchestration and Enforcement in NFV/SDN-Aware UAV DeploymentsAna Hermosilla0https://orcid.org/0000-0001-6860-5100Alejandro Molina Zarca1https://orcid.org/0000-0003-0038-9012Jorge Bernal Bernabe2https://orcid.org/0000-0002-7538-4788Jordi Ortiz3https://orcid.org/0000-0001-7573-6731Antonio Skarmeta4https://orcid.org/0000-0002-5525-1259Department of Information and Communications Engineering, University of Murcia, Murcia, SpainDepartment of Information and Communications Engineering, University of Murcia, Murcia, SpainDepartment of Information and Communications Engineering, University of Murcia, Murcia, SpainDepartment of Information and Communications Engineering, University of Murcia, Murcia, SpainDepartment of Information and Communications Engineering, University of Murcia, Murcia, SpainSoftware Defined Network (SDN) and Network Function Virtualization (NFV) are bringing many advantages to optimize and automatize security management at the network edge, enabling the deployment of virtual network security functions (VSFs) in MEC nodes, to strengthen the end-to-end security in IoT environments. The benefits could exploit in mobile MEC nodes on-boarded in Unmanned Aerial Vehicles (UAV), as the UAVs would carry on-demand VSFs to particular physical locations. To that aim, this paper proposes a novel NFV/SDN-based zero-touch security management framework for automatic orchestration, configuration and deployment of lightweight VSF in MEC-UAVs, that considers diverse contextual factors, related to both physical and virtual conditions, to optimize the security orchestration. Our solution aims to deploy on-demand VSFs, such as virtual Firewalls (vFirewalls), vProxies, vIDS (Intrusion Detection Systems) and vAAA, to assist during emerging situations in particular physical locations, protecting and optimizing the managed IoT network, as well as replacing or supporting compromised physical devices like IoT gateways. The proposed solution has been implemented, deployed and evaluated in a real testbed with real drones, showing its feasibility and performance.https://ieeexplore.ieee.org/document/9143099/IoTcybersecuritySDN/NFVarchitecture |
collection |
DOAJ |
language |
English |
format |
Article |
sources |
DOAJ |
author |
Ana Hermosilla Alejandro Molina Zarca Jorge Bernal Bernabe Jordi Ortiz Antonio Skarmeta |
spellingShingle |
Ana Hermosilla Alejandro Molina Zarca Jorge Bernal Bernabe Jordi Ortiz Antonio Skarmeta Security Orchestration and Enforcement in NFV/SDN-Aware UAV Deployments IEEE Access IoT cybersecurity SDN/NFV architecture |
author_facet |
Ana Hermosilla Alejandro Molina Zarca Jorge Bernal Bernabe Jordi Ortiz Antonio Skarmeta |
author_sort |
Ana Hermosilla |
title |
Security Orchestration and Enforcement in NFV/SDN-Aware UAV Deployments |
title_short |
Security Orchestration and Enforcement in NFV/SDN-Aware UAV Deployments |
title_full |
Security Orchestration and Enforcement in NFV/SDN-Aware UAV Deployments |
title_fullStr |
Security Orchestration and Enforcement in NFV/SDN-Aware UAV Deployments |
title_full_unstemmed |
Security Orchestration and Enforcement in NFV/SDN-Aware UAV Deployments |
title_sort |
security orchestration and enforcement in nfv/sdn-aware uav deployments |
publisher |
IEEE |
series |
IEEE Access |
issn |
2169-3536 |
publishDate |
2020-01-01 |
description |
Software Defined Network (SDN) and Network Function Virtualization (NFV) are bringing many advantages to optimize and automatize security management at the network edge, enabling the deployment of virtual network security functions (VSFs) in MEC nodes, to strengthen the end-to-end security in IoT environments. The benefits could exploit in mobile MEC nodes on-boarded in Unmanned Aerial Vehicles (UAV), as the UAVs would carry on-demand VSFs to particular physical locations. To that aim, this paper proposes a novel NFV/SDN-based zero-touch security management framework for automatic orchestration, configuration and deployment of lightweight VSF in MEC-UAVs, that considers diverse contextual factors, related to both physical and virtual conditions, to optimize the security orchestration. Our solution aims to deploy on-demand VSFs, such as virtual Firewalls (vFirewalls), vProxies, vIDS (Intrusion Detection Systems) and vAAA, to assist during emerging situations in particular physical locations, protecting and optimizing the managed IoT network, as well as replacing or supporting compromised physical devices like IoT gateways. The proposed solution has been implemented, deployed and evaluated in a real testbed with real drones, showing its feasibility and performance. |
topic |
IoT cybersecurity SDN/NFV architecture |
url |
https://ieeexplore.ieee.org/document/9143099/ |
work_keys_str_mv |
AT anahermosilla securityorchestrationandenforcementinnfvsdnawareuavdeployments AT alejandromolinazarca securityorchestrationandenforcementinnfvsdnawareuavdeployments AT jorgebernalbernabe securityorchestrationandenforcementinnfvsdnawareuavdeployments AT jordiortiz securityorchestrationandenforcementinnfvsdnawareuavdeployments AT antonioskarmeta securityorchestrationandenforcementinnfvsdnawareuavdeployments |
_version_ |
1724181208968986624 |