IIT Home Page CNR Home Page

Pushing Forward Security in Network Slicing by Leveraging Continuous Usage Control

Fifth generation (5G) softwarized network systemswill allow to flexibly partition the network infrastructure intologically-independent network slices, hosting end-to-end NetworkServices able to dynamically meet the diverse requirements ofvertical industries. However, the high-dynamicity of NFV-related operations and the interdependence of multiple slices running ontop of a shared underlying infrastructure pose peculiar security challenges. In this paper we investigate how such challenges can be addressed in the context of the MANagement andOrchestration (MANO) security functions within the ETSI NFV Architectural framework. In particular, we target access controland authorization functions, and we discuss how advancing themfor NFV/SDN deployments and network slicing with continuous and closed-loop Usage Control (UCON) mechanisms. We also present a Proof of Concept of a MANO framework extended with UCON capabilities able to regulate the access and the useof network slices according to customizable security policies. Preliminary performance evaluation proved the effectiveness ofthe proposed approach with minor impact to the user experience and prompt reaction time to security policy violations


IEEE Communication Magazine, 2020

Autori esterni: Barbara Martini (CNIT), Francesco Marino (Scuola Superiore Sant’Anna), Piero Castoldi (Scuola Superiore Sant’Anna)
Autori IIT:

Alessio Lunardelli

Foto di Alessio Lunardelli

Antonio La Marra

Foto di Antonio La Marra

Tipo: Contributo in rivista ISI
Area di disciplina: Information Technology and Communication Systems

File: Mori-COMMAG-2020.pdf

Attività: Sicurezza nel Cloud Computing