Privacy-Preserving Deployment Mechanism for Service Function Chains Across Multiple Domains

IF 4.7 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

IEEE Transactions on Network and Service Management Pub Date : 2023-09-04 DOI:10.1109/TNSM.2023.3311587

Jun Cai;Zirui Zhou;Zhongwei Huang;Wenlong Dai;Fei Richard Yu

{"title":"Privacy-Preserving Deployment Mechanism for Service Function Chains Across Multiple Domains","authors":"Jun Cai;Zirui Zhou;Zhongwei Huang;Wenlong Dai;Fei Richard Yu","doi":"10.1109/TNSM.2023.3311587","DOIUrl":null,"url":null,"abstract":"Network function virtualization (NFV) has attracted attention because of its flexible configuration and management of network functions. Based on NFV, the service function chain (SFC) defines a group of virtual network functions (VNFs) connected sequentially, enabling flexible customization and provisioning of network services. In the large-scale and heterogeneous Internet of Things (IoT) environment, e.g., industrial IoT, servers provided by a single infrastructure provider (InP) cannot support the deployment of all VNFs, and SFCs must be deployed across multiple domains. However, SFCs deployed across multiple domains will inevitably bring privacy leakage and resource coordination difficulties, thereby reducing the efficiency of network services. To address these issues, this paper proposes a privacy-preserving deployment mechanism (PPDM) for SFCs that achieves near-optimal SFC deployment across multiple domains while protecting resource and topology privacy. PPDM first performs virtual resource prediction and forms the service intention response matrix (SIRM) based on SFC requests (SFCRs). Second, the multi-domain controller (MDC) discovers a near-optimal SFCs deployment strategy by deep Q-network (DQN) using SIRM as input to protect domains’ privacy. Finally, the learned strategies are distributed to intra-domain controllers (IDCs) to implement specific services. Simulation results demonstrate that the proposed method outperforms privacy-preserving and non-privacy-preserving methods.","PeriodicalId":13423,"journal":{"name":"IEEE Transactions on Network and Service Management","volume":"21 1","pages":"1241-1256"},"PeriodicalIF":4.7000,"publicationDate":"2023-09-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Network and Service Management","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10239110/","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

Network function virtualization (NFV) has attracted attention because of its flexible configuration and management of network functions. Based on NFV, the service function chain (SFC) defines a group of virtual network functions (VNFs) connected sequentially, enabling flexible customization and provisioning of network services. In the large-scale and heterogeneous Internet of Things (IoT) environment, e.g., industrial IoT, servers provided by a single infrastructure provider (InP) cannot support the deployment of all VNFs, and SFCs must be deployed across multiple domains. However, SFCs deployed across multiple domains will inevitably bring privacy leakage and resource coordination difficulties, thereby reducing the efficiency of network services. To address these issues, this paper proposes a privacy-preserving deployment mechanism (PPDM) for SFCs that achieves near-optimal SFC deployment across multiple domains while protecting resource and topology privacy. PPDM first performs virtual resource prediction and forms the service intention response matrix (SIRM) based on SFC requests (SFCRs). Second, the multi-domain controller (MDC) discovers a near-optimal SFCs deployment strategy by deep Q-network (DQN) using SIRM as input to protect domains’ privacy. Finally, the learned strategies are distributed to intra-domain controllers (IDCs) to implement specific services. Simulation results demonstrate that the proposed method outperforms privacy-preserving and non-privacy-preserving methods.

查看原文本刊更多论文

跨多域服务功能链的隐私保护部署机制

网络功能虚拟化（NFV）因其对网络功能的灵活配置和管理而备受关注。基于 NFV，服务功能链（SFC）定义了一组按顺序连接的虚拟网络功能（VNF），从而实现了网络服务的灵活定制和供应。在大规模、异构的物联网（IoT）环境中，例如工业物联网，单一基础设施提供商（InP）提供的服务器无法支持所有 VNF 的部署，因此必须在多个域中部署 SFC。然而，跨域部署 SFC 不可避免地会带来隐私泄露和资源协调困难，从而降低网络服务的效率。为解决这些问题，本文提出了一种 SFC 的隐私保护部署机制（PPDM），在保护资源和拓扑隐私的同时，实现跨域近乎最优的 SFC 部署。PPDM 首先根据 SFC 请求（SFCR）执行虚拟资源预测并形成服务意图响应矩阵（SIRM）。其次，多域控制器（MDC）以 SIRM 为输入，通过深度 Q 网络（DQN）发现接近最优的 SFC 部署策略，以保护域的隐私。最后，学习到的策略被分配给域内控制器（IDC），以实现特定服务。仿真结果表明，所提出的方法优于隐私保护和非隐私保护方法。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IEEE Transactions on Network and Service Management Computer Science-Computer Networks and Communications

CiteScore

9.30

自引率

15.10%

发文量

325

期刊介绍： IEEE Transactions on Network and Service Management will publish (online only) peerreviewed archival quality papers that advance the state-of-the-art and practical applications of network and service management. Theoretical research contributions (presenting new concepts and techniques) and applied contributions (reporting on experiences and experiments with actual systems) will be encouraged. These transactions will focus on the key technical issues related to: Management Models, Architectures and Frameworks; Service Provisioning, Reliability and Quality Assurance; Management Functions; Enabling Technologies; Information and Communication Models; Policies; Applications and Case Studies; Emerging Technologies and Standards.