City Research Online

A pattern-based framework for the design of secure and dependable SDN/NFV-enabled networks

Petroulakis, N. E. (2019). A pattern-based framework for the design of secure and dependable SDN/NFV-enabled networks. (Unpublished Doctoral thesis, City, University of London)

Abstract

As the world becomes an interconnected network where objects and humans interact, cyber and physical networks appear to play an important role in smart ecosystems due to their increasing use on critical infrastructure and smart cities. Software Defined Networking (SDN) and Network Function Virtualisation (NFV) are a promising combination for programmable connectivity, rapid service provisioning and service chaining as they offer the necessary end-to-end optimisations. However, with the actual exponential growth of connected devices, future networks, such as SDN and NFV, require open architectures, facilitated by standards and a strong ecosystem.In this thesis, a model-based approach is proposed to support the design and verification of secure and dependable SDN/NFV-enabled networks. The model is based on the development of a pattern-based approach to design executable patterns as solutions for reusable designs and interactions of objects, encoded in a rule based reasoning system, able to guarantee security and dependability (S&D) properties in SDN/NFV enabled networks. To execute S&D patterns, a pattern based framework is implemented for the insertion of patterns at design and at runtime level. The developed pattern framework highlights also the benefit of leveraging the flexibility of SDN/NFV-enabled networks to deploy enhanced reactive security mechanisms for the protection of the industrial network via the use of service function chaining (SFC). To prove the importance of this approach and the functionality of the pattern framework, different pattern instances are implemented to guarantee S&D in network infrastructures. The developed design patterns are able to design network topologies, guarantee network properties and offer security service provisioning and chaining. Finally, in order to evaluate the developed patterns in the pattern framework, three different use cases are described, where a number of usage scenarios are deployed and evaluated experimentally.

Publication Type: Thesis (Doctoral)
Subjects: Q Science
Departments: Doctoral Theses
Doctoral Theses > School of Mathematics, Computer Science and Engineering Doctoral Theses
School of Mathematics, Computer Science & Engineering > Computer Science
Date Deposited: 21 Apr 2020 12:52
URI: https://openaccess.city.ac.uk/id/eprint/24065
[img]
Preview
Text - Accepted Version
Download (14MB) | Preview

Export

Downloads

Downloads per month over past year

View more statistics

Actions (login required)

Admin Login Admin Login