Português English
Contato
Publicado em: 22/03/2013

Dissertação de Mestrado em Redes de Computadores

UNIVERSIDADE FEDERAL DO RIO GRANDE DO SUL
INSTITUTO DE INFORMÁTICA
PROGRAMA DE POS-GRADUAÇÃO EM COMPUTAÇÃO
———————————————————
DEFESA DE DISSERTAÇÃO DE MESTRADO

Aluno: Leonardo Richter Bays
Orientador: Prof. Dr. Luciano Paschoal Gaspary

Título: Efficient, Online Embedding of Secure Virtual Networks
Linha de Pesquisa: Redes de Computadores

Data: 28/03/2013
Hora: 13h30min
Local: Auditório José Mauro Volkmer de Castilho, Prédio 43424 – Instituto de Informática

Banca Examinadora:
Prof. Dr. Fernando Luis Dotti (PUCRS)
Prof. Dr. Lisandro Zambenedetti Granville (UFRGS)
Prof. Dr. Marcus Rolf Peter Ritt (UFRGS)

Presidente da Banca: Prof. Dr. Luciano Paschoal Gaspary

Abstract:

Network virtualization has become increasingly prominent in recent years. It enables the creation of network infrastructures that are specifically tailored to the needs of distinct network applications and supports the instantiation of favorable environments for the development and evaluation of new architectures and protocols. Although recent efforts (motivated mainly by the search for mechanisms to evaluate Future Internet proposals) have contributed substantially to materialize this concept, none of them has attempted to combine efficient resource mapping with fulfillment of security requirements (e.g., confidentiality). It is important to note that, in the context of virtual networks, the protection of shared network infrastructures constitutes a fundamental condition to enable its use in large scale.

Considering the negative impact of security provisions in the virtual network embedding process is of paramount importance in order to fully utilize physical resources without underestimating capacity requirements. Therefore, in this thesis we propose both an optimal model and a heuristic algorithm for embedding virtual networks on physical substrates that aim to optimize physical resource usage while meeting security requirements. Both approaches feature precise modeling of overhead costs of security mechanisms used to protect virtual networks, and are able to handle virtual network requests in an online manner. In addition, we present the results of an extensive evaluation we carried out, including a detailed comparison of both the optimal model and the heuristic algorithm. Our experiments show that the Integer Linear Programming (ILP) model is capable of optimally embedding virtual networks on physical infrastructures with up to a hundred routers, while the heuristic algorithm is capable of scaling to larger infrastructures, providing timely, sub-optimal mappings.

Keywords: Network virtualization, embedding, security, confidentiality, linear programming.