Virtualized Security at the Network Edge: A User-Centric Approach

IEEE Communications Magazine

Volumn 53, Issue 4, 2015, Pages 176-186

  Montero, Diego ^a   Yannuzzi, Marcelo ^a   Shaw, Adrian ^b   Jacquin, Ludovic ^b   Pastor, Antonio ^c   Serral Gracià, René ^a   Lioy, Antonio ^d   Risso, Fulvio ^d   Basile, Cataldo ^d   Sassu, Roberto ^d   Nemirovsky, Mario ^f   Ciaccia, Francesco ^e   Georgiades, Michael ^g   Charalambides, Savvas ^g   Kuusijärvi, Jarkko ^h   Bosco, Francesca ⁱ  

^a UNIVERSITAT POLITÈCNICA DE CATALUNYA   (Spain)

^b HEWLETT PACKARD LABORATORIES   (United Kingdom)

^c TELEFONICA RESEARCH   (Spain)

^d POLITECNICO DI TORINO   (Italy)

^e BARCELONA SUPERCOMPUTING CENTER   (Spain)

^f INSTITUCIÓ CATALANA DE RECERCA I ESTUDIS AVANÇATS ICREA   (Spain)

^g PrimeTel PLC   (Cyprus)

^h VTT TECHNICAL RESEARCH CENTRE OF FINLAND   (Finland)

ⁱ United Nations Interregional Crime and Justice Research Institute   (Italy)

Author keywords

[No Author keywords available]

Indexed keywords

COMPUTER GAMES; MOBILE SECURITY; PERSONAL COMPUTERS; VIRTUAL REALITY;

NETWORK FUNCTIONS; NEXT GENERATION ACCESS NETWORKS; POINTS OF PRESENCES; PROOF OF CONCEPT; PROTECTION MODELS; TELECOM OPERATORS; TRUSTED VIRTUAL DOMAINS; USER-CENTRIC MODELING;

NEXT GENERATION NETWORKS;

EID: 84927741456     PISSN: 01636804     EISSN: None     Source Type: Journal    
DOI: 10.1109/MCOM.2015.7081092     Document Type: Article

References (14)

1. ETSI, "Network Functions Virtualisation (NFV) Architectural Framework," http://www.etsi.org/deliver/etsi-gs/NFV/001-099/002/01.02.01-60/gs-NFV002v010201p.pdf, December 2014.
2. J. Sherry et al., "Making Middleboxes Someone Else's Problem: Network Processing as a Cloud Service," Proc. ACM SIGCOMM 2012 Conf. Applications, Technologies, Architectures, and Protocols for Computer., 2012, pp. 13-24.
3. K. Goldman, R. Perez, and R. Sailer, "Linking Remote Attestation to Secure Tunnel Endpoints," Proc. 1st ACM Wksp. on Scalable Trusted Computing, 2006, pp. 21-24.
4. OASIS, "eXtensible Access Control Markup Language (XACML) Version 3.0," http://docs.oasis-open.org/xacml/3.0/xacml-3.0-core-spec-os-en.pdf, Jan. 2013.
5. "Security at the Network Edge (SECURED)," http://www.secured-fp7.eu/.
6. C. Basile et al., "Ontology-Based Security Policy Translation," J. Info. Assurance and Security, vol. 5, no. 1, 2010, pp. 437-45.
7. IBM Global Technology Services, "IBM Security Services 2014 Cyber Security Intelligence Index," http://media.scmagazine.com/documents/82/ibm-cyber-security-intelligenc-20450.pdf, June 2014.
8. C. Basile, A. Cappadonia, and A. Lioy, "Network-Level Access Control Policy Analysis and Transformation," IEEE/ACM Trans. Networking, vol. 20, no. 4, 2012, pp. 985-98.
9. P. McDaniel and A. Prakash, "Methods and Limitations of Security Policy Reconciliation," ACM Trans. Info. System Security, vol. 9, no. 3, Aug. 2006, pp. 259-91.
10. C. Basile et al., "A Formal Model of Policy Reconciliation," Proc. 23th Euromicro Int'l. Conf. Parallel, Distributed, and Network-Based Processing, March 4-6, 2015.
11. H. Zhang, Z. Qin, and Q. Yang, "Design and Implementation of the TPM chip J3210," Proc. 2008 Third Asia-Pacific Trusted Infrastructure Technologies Conf., 2008, pp. 72-78.
12. A. Steffen, "strongSwan - IPsec for Linux," https://www.strongswan.org.
13. Intel, "OpenAttestation SDK: A SDK for Remote Attestation," https://github.com/OpenAttestation/OpenAttestation.
14. R. Sailer et al., "Design and Implementation of a TCG-based Integrity Measurement Architecture," Proc. 13th Conf. USENIX Security Symp., 2004, pp. 223-38.