3RD IEEE/IFIP Workshop on Security for Emerging Distributed Network Technologies (DISSECT)
Secure and Integrated Management in the Cloud and 5G Era
Co-located with IEEE/IFIP IM 2017
Lisbon, Portugal
Keynote II (back to main page)
Fernando Ramos (homepage)
Assistant Professor @ University of Lisbon
Secure network virtualisation with user-centric clouds
May 12th, 14:00 pm - 15:00 pmAbstract: Existing multi-tenant network virtualization platforms have so far focused on the offer of conventional networking services by a single cloud provider. As such, they face limitations in terms of security and dependability, both in terms of the infrastructure itself and of the services offered to their customers.
In this talk we present the design and implementation of Sirius, a network virtualization platform that overcomes these limitations by creating the abstraction of user-centric clouds. In our solution, users define U-Clouds, which are isolated sets of computation and networking services that run over both private and public clouds operated by multiple providers, with customized security and dependability requirements.
In the talk we focus on two of the fundamental technical challenges of our design: isolation and virtual network embedding (VNE). We tackle the first problem by employing a logically-centralised network architecture. The Sirius controller has network-wide visibility and is able to exert direct control over all network elements, enabling isolation. For the second problem we present a novel solution for VNE that finds efficient mappings of virtual networks requests onto the substrate network, while fulfilling the security and dependability requirements of users.
Biography: Fernando Ramos is an Assistant Professor in the Department of Informatics, at the Faculty of Sciences University of Lisbon. He is also an integrated researcher at the LaSIGE — eXtreme Computing Lab, being a member of the Navigators group, and member of the MEF Research Council.
Until 2010 Dr. Ramos was a supervisor in the Computer Laboratory at the University of Cambridge. Prior to that he also lectured at the ISEL and at the University of Aveiro. He holds a PhD degree from the University of Cambridge, where he worked with Jon Crowcroft and Ian H. White. He also holds an MSc Degree in Telecommunications from Queen Mary University of London (supervised by Laurie Cuthbert and Manuel Duarte) and a Licenciatura (roughly equivalent to BSc+MSc) in Electronics and Telecommunications Engineering from the University of Aveiro.
He is interested in computer networks and communication systems. In particular, network programmability (Software-Defined Networking and siblings), network virtualization, network verification, and cloud computing, with security and dependability as orthogonal concerns.