COMPUTER NETWORKS GROUP - NETGROUP
A framework for automatic Network Security Functions configuration in NFV/Cloud context
External reference persons VALENZA FULVIO
Research Groups COMPUTER NETWORKS GROUP - NETGROUP
Thesis type SOFTWARE DEVELOPMENT
Description Network function virtualization (NFV) is a new networking paradigm that can be used to virtualize single network functions.
NFV introduces several advantages compared to classical approaches, such as the dynamic provisioning of functionality or the implementation of scalable and reliable services (e.g., adding a new instance to support demands). NFV also allows the deployment of security controls, like firewalls or VPN gateways, as virtualized network functions. However, currently there is not an automatic way to select the security functions to enable and to configure the selected ones according to a set of userís security requirements.
The objective of the thesis is to define a framework that addresses the following challenges:
(1) automatically identify the security functions necessary to enforce a given set of security policies, (2) automatically decide where the selected security functions will be deployed, and (3) automatically generate the necessary configurations of the selected security functions.
The set of developed tools and libraries will be integrated into an existing software, which is already able to perform a basic refinement process.
Required skills Good java programming skills.
Deadline 30/10/2019 PROPONI LA TUA CANDIDATURA