Multistage OCDO: Scalable security provisioning optimization in SDN-based cloud

Security is a main issue for adoption of cloud computing. NFV and SDN can be used to efficiently coordinate different network security functionality in the network. To squeeze the best out of network capabilities, there is a need for algorithms for optimal placement of the security functionality in the cloud infrastructure. Classical placement algorithms are not scalable due to the large number of flows to be considered and complexity of interactions in these networks. To address the issue, this paper presents an optimization framework, namely OCDO, that provides adequate and scalable network security provisioning and deployment in the cloud. Also described is a prototype implementation of the framework integrated into an open source cloud framework, i.e. Open stack.

Full abstract in IEEE Xplore, DOI:10.1109/CLOUD.2015.82


Yosr Jarraya and Makan Pourzandi, Ericsson Research,;Alireza Shameli-Sendi, McGill University; Mohamed Cheriet, University of Quebec

Published 2015-06-27

© 2015 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.