Security Orchestration and Enforcement in NFV/SDN-Aware UAV Deployments

Security Orchestration and Enforcement in NFV/SDN-Aware UAV Deployments

Software Defined Network (SDN) and Network Function Virtualization (NFV) are bringing many advantages to optimize and automatize security management at the network edge, enabling the deployment of virtual network security functions (VSFs) in MEC nodes, to strengthen the end-to-end security in IoT en...

Full description

Bibliographic Details
Main Authors: Ana Hermosilla, Alejandro Molina Zarca, Jorge Bernal Bernabe, Jordi Ortiz, Antonio Skarmeta
Format: Article
Language:English
Published: IEEE 2020-01-01
Series:IEEE Access
Subjects:
IoT
cybersecurity
SDN/NFV
architecture
Online Access:https://ieeexplore.ieee.org/document/9143099/
id doaj-46619d5e8117471b9133ba8973e9ceca
record_format Article
spelling doaj-46619d5e8117471b9133ba8973e9ceca2021-03-30T04:45:28ZengIEEEIEEE Access2169-35362020-01-01813177913179510.1109/ACCESS.2020.30102099143099Security Orchestration and Enforcement in NFV/SDN-Aware UAV DeploymentsAna Hermosilla0https://orcid.org/0000-0001-6860-5100Alejandro Molina Zarca1https://orcid.org/0000-0003-0038-9012Jorge Bernal Bernabe2https://orcid.org/0000-0002-7538-4788Jordi Ortiz3https://orcid.org/0000-0001-7573-6731Antonio Skarmeta4https://orcid.org/0000-0002-5525-1259Department of Information and Communications Engineering, University of Murcia, Murcia, SpainDepartment of Information and Communications Engineering, University of Murcia, Murcia, SpainDepartment of Information and Communications Engineering, University of Murcia, Murcia, SpainDepartment of Information and Communications Engineering, University of Murcia, Murcia, SpainDepartment of Information and Communications Engineering, University of Murcia, Murcia, SpainSoftware Defined Network (SDN) and Network Function Virtualization (NFV) are bringing many advantages to optimize and automatize security management at the network edge, enabling the deployment of virtual network security functions (VSFs) in MEC nodes, to strengthen the end-to-end security in IoT environments. The benefits could exploit in mobile MEC nodes on-boarded in Unmanned Aerial Vehicles (UAV), as the UAVs would carry on-demand VSFs to particular physical locations. To that aim, this paper proposes a novel NFV/SDN-based zero-touch security management framework for automatic orchestration, configuration and deployment of lightweight VSF in MEC-UAVs, that considers diverse contextual factors, related to both physical and virtual conditions, to optimize the security orchestration. Our solution aims to deploy on-demand VSFs, such as virtual Firewalls (vFirewalls), vProxies, vIDS (Intrusion Detection Systems) and vAAA, to assist during emerging situations in particular physical locations, protecting and optimizing the managed IoT network, as well as replacing or supporting compromised physical devices like IoT gateways. The proposed solution has been implemented, deployed and evaluated in a real testbed with real drones, showing its feasibility and performance.https://ieeexplore.ieee.org/document/9143099/IoTcybersecuritySDN/NFVarchitecture
collection DOAJ
language English
format Article
sources DOAJ
author Ana Hermosilla
Alejandro Molina Zarca
Jorge Bernal Bernabe
Jordi Ortiz
Antonio Skarmeta
spellingShingle Ana Hermosilla
Alejandro Molina Zarca
Jorge Bernal Bernabe
Jordi Ortiz
Antonio Skarmeta
Security Orchestration and Enforcement in NFV/SDN-Aware UAV Deployments
IEEE Access
IoT
cybersecurity
SDN/NFV
architecture
author_facet Ana Hermosilla
Alejandro Molina Zarca
Jorge Bernal Bernabe
Jordi Ortiz
Antonio Skarmeta
author_sort Ana Hermosilla
title Security Orchestration and Enforcement in NFV/SDN-Aware UAV Deployments
title_short Security Orchestration and Enforcement in NFV/SDN-Aware UAV Deployments
title_full Security Orchestration and Enforcement in NFV/SDN-Aware UAV Deployments
title_fullStr Security Orchestration and Enforcement in NFV/SDN-Aware UAV Deployments
title_full_unstemmed Security Orchestration and Enforcement in NFV/SDN-Aware UAV Deployments
title_sort security orchestration and enforcement in nfv/sdn-aware uav deployments
publisher IEEE
series IEEE Access
issn 2169-3536
publishDate 2020-01-01
description Software Defined Network (SDN) and Network Function Virtualization (NFV) are bringing many advantages to optimize and automatize security management at the network edge, enabling the deployment of virtual network security functions (VSFs) in MEC nodes, to strengthen the end-to-end security in IoT environments. The benefits could exploit in mobile MEC nodes on-boarded in Unmanned Aerial Vehicles (UAV), as the UAVs would carry on-demand VSFs to particular physical locations. To that aim, this paper proposes a novel NFV/SDN-based zero-touch security management framework for automatic orchestration, configuration and deployment of lightweight VSF in MEC-UAVs, that considers diverse contextual factors, related to both physical and virtual conditions, to optimize the security orchestration. Our solution aims to deploy on-demand VSFs, such as virtual Firewalls (vFirewalls), vProxies, vIDS (Intrusion Detection Systems) and vAAA, to assist during emerging situations in particular physical locations, protecting and optimizing the managed IoT network, as well as replacing or supporting compromised physical devices like IoT gateways. The proposed solution has been implemented, deployed and evaluated in a real testbed with real drones, showing its feasibility and performance.
topic IoT
cybersecurity
SDN/NFV
architecture
url https://ieeexplore.ieee.org/document/9143099/
work_keys_str_mv AT anahermosilla securityorchestrationandenforcementinnfvsdnawareuavdeployments
AT alejandromolinazarca securityorchestrationandenforcementinnfvsdnawareuavdeployments
AT jorgebernalbernabe securityorchestrationandenforcementinnfvsdnawareuavdeployments
AT jordiortiz securityorchestrationandenforcementinnfvsdnawareuavdeployments
AT antonioskarmeta securityorchestrationandenforcementinnfvsdnawareuavdeployments
_version_ 1724181208968986624

Similar Items