发布求助
文献互助 智能选刊 最新文献

IEEE Transactions on Network and Service Management最新文献

筛选
英文 中文
Dynamic Certificateless Outsourced Data Auditing Mechanism Supporting Multi-Ownership Transfer via Blockchain Systems 通过区块链系统支持多所有权转移的动态无证书外包数据审计机制
IF 4.7 2区 计算机科学
IEEE Transactions on Network and Service Management Pub Date : 2025-01-03 DOI: 10.1109/TNSM.2025.3525462
Xiaojun Zhang;Qing Liu;Bingyun Liu;Yuan Zhang;Jingting Xue
{"title":"Dynamic Certificateless Outsourced Data Auditing Mechanism Supporting Multi-Ownership Transfer via Blockchain Systems","authors":"Xiaojun Zhang;Qing Liu;Bingyun Liu;Yuan Zhang;Jingting Xue","doi":"10.1109/TNSM.2025.3525462","DOIUrl":"https://doi.org/10.1109/TNSM.2025.3525462","url":null,"abstract":"Data auditing contributes to checking the integrity of outsourced data, promoting the vigorous development of cloud storage services. In actual scenarios, such as migration of electronic medical records or data transfer of enterprise mergers and acquisitions, it always require data auditing to help clients with dynamic data migration and integrity checking. In this paper, we present an efficient dynamic certificateless outsourced data auditing mechanism supporting multi-ownership transfer (CDA-MOT), addressing the issue of key escrow and without needing complex certificate management. By integrating a certificateless multi-signature on the same data file into the construction of a homomorphic authenticator based on the Lagrange inverse Multinomial theorem, CDA-MOT not only achieves integrity verification but also enables clients to transfer ownership rights and responsibilities for multi-ownership data in collaboration with cloud servers. Utilizing blockchain systems to store necessary data conversion and update records, as well as smart contracts to fulfill auditing tasks, CDA-MOT owns the characteristics of openness, transparency, accountability, and decentralized public auditing. Besides, CDA-MOT could be further applied in the extension of dynamic update operations, even if outsourced data have been transferred. The security analysis and performance evaluation have demonstrated the feasibility of CDA-MOT in the secure deployment of cloud storage.","PeriodicalId":13423,"journal":{"name":"IEEE Transactions on Network and Service Management","volume":"22 2","pages":"2017-2030"},"PeriodicalIF":4.7,"publicationDate":"2025-01-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143860846","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
ICE-CREAM: Multi-Agent Fully Cooperative Decentralized Framework for Energy Efficiency in RAN Slicing ICE-CREAM:用于提高 RAN 切片能效的多代理完全合作分散式框架
IF 4.7 2区 计算机科学
IEEE Transactions on Network and Service Management Pub Date : 2025-01-03 DOI: 10.1109/TNSM.2024.3524503
Hnin Pann Phyu;Diala Naboulsi;Razvan Stanica
{"title":"ICE-CREAM: Multi-Agent Fully Cooperative Decentralized Framework for Energy Efficiency in RAN Slicing","authors":"Hnin Pann Phyu;Diala Naboulsi;Razvan Stanica","doi":"10.1109/TNSM.2024.3524503","DOIUrl":"https://doi.org/10.1109/TNSM.2024.3524503","url":null,"abstract":"Network slicing is one of the major catalysts proposed to turn future telecommunication networks into versatile service platforms. Along with its benefits, network slicing is introducing new challenges in the development of sustainable network operations, as it entails a higher energy consumption compared to non-sliced networks. Using a sliced architecture, which includes guaranteeing the communication and computation requirements for each slice, is essential for operators to provide a satisfying user quality of service (QoS) in a multi-service network. At the same time, building sustainable mobile networks, with the least amount of resources used, is crucial today, for both economic and environmental reasons. As a result, mobile operators need to find a middle ground between these two objectives – a tough nut considering they are both antithetical and important. In this light, we investigate a joint slice activation/deactivation and user association problem, with the aim of minimizing energy consumption and maximizing the QoS. The proposed multI-agent fully CooperativE deCentRalizEd frAMework (ICE-CREAM) addresses the formulated joint problem, with agents acting at two different granularity levels. Not only all the agents can access the shared information with their direct neighbors, but also they are trained with one global reward, which is an ideal approach in multi-agent cooperative settings. We evaluate ICE-CREAM using a real-world dataset that captures the spatio-temporal consumption of three different mobile services in France. Experimental results demonstrate that the proposed solution provides more than 30% energy efficiency improvement compared to a configuration where all the slice instances are always active while maintaining the same level of QoS. From a broader perspective, our work explicitly shows the impact of prioritizing the energy over QoS, and vice versa.","PeriodicalId":13423,"journal":{"name":"IEEE Transactions on Network and Service Management","volume":"22 2","pages":"1859-1873"},"PeriodicalIF":4.7,"publicationDate":"2025-01-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143861009","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Semantic-Aware Federated Blockage Prediction (SFBP) in Vision-Aided Next-Generation Wireless Network 视觉辅助下一代无线网络中语义感知联合阻塞预测(SFBP)
IF 4.7 2区 计算机科学
IEEE Transactions on Network and Service Management Pub Date : 2025-01-02 DOI: 10.1109/TNSM.2024.3525338
Ahsan Raza Khan;Habib Ullah Manzoor;Rao Naveed Bin Rais;Sajjad Hussain;Lina Mohjazi;Muhammad Ali Imran;Ahmed Zoha
{"title":"Semantic-Aware Federated Blockage Prediction (SFBP) in Vision-Aided Next-Generation Wireless Network","authors":"Ahsan Raza Khan;Habib Ullah Manzoor;Rao Naveed Bin Rais;Sajjad Hussain;Lina Mohjazi;Muhammad Ali Imran;Ahmed Zoha","doi":"10.1109/TNSM.2024.3525338","DOIUrl":"https://doi.org/10.1109/TNSM.2024.3525338","url":null,"abstract":"Predicting signal blockages in millimetre-wave and terahertz networks is essential for enabling proactive handover (PHO) and ensuring seamless connectivity. Existing approaches utilizing deep learning, multi-modal vision and wireless sensing data primarily depend on centralized model training. Although these techniques are effective, they come with high communication costs, inefficient bandwidth usage, and latency issues, which restrict their real-time applicability. This paper proposes a Semantic-Aware Federated Blockage Prediction (SFBP) framework, leveraging the lightweight computer vision technique MobileNetV3 for edge-based semantic extraction, lowering communication and computation costs. Furthermore, we introduce a Similarity-Driven Federated Averaging (SD-FedAVG) mechanism to enhance the robustness of the model aggregation process, effectively mitigating the impact of noisy updates and adversarial attacks. Our proposed SFBP framework achieves 97.1% blockage prediction accuracy, closely matching centralized learning methods, while reducing communication costs by 88.75% compared to centralized learning and by 57.87% compared to FL without semantic extraction. Moreover, on-device inference reduces the latency by 23% compared to centralized learning and 18% compared to FL without semantic extraction, improving real-time decision-making for PHO. Additionally, the SD-FedAVG mechanism improves prediction accuracy under noisy conditions, directly impacting the PHO by reducing the handover failure rate by 7%.","PeriodicalId":13423,"journal":{"name":"IEEE Transactions on Network and Service Management","volume":"22 2","pages":"1531-1543"},"PeriodicalIF":4.7,"publicationDate":"2025-01-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143871092","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Novel Bandwidth-Aware Network Coding for Fast Cloud-of-Clouds Disaster Backup 面向云中云快速灾难备份的新型带宽感知网络编码
IF 4.7 2区 计算机科学
IEEE Transactions on Network and Service Management Pub Date : 2025-01-01 DOI: 10.1109/TNSM.2024.3524787
Jiajie Shen;Bochun Wu;Wang Xiang;Sai Zou;Wenyong Wang;Laizhong Cui;Wei Ni
{"title":"Novel Bandwidth-Aware Network Coding for Fast Cloud-of-Clouds Disaster Backup","authors":"Jiajie Shen;Bochun Wu;Wang Xiang;Sai Zou;Wenyong Wang;Laizhong Cui;Wei Ni","doi":"10.1109/TNSM.2024.3524787","DOIUrl":"https://doi.org/10.1109/TNSM.2024.3524787","url":null,"abstract":"Cloud-of-clouds storage can enhance the data security and reliability of online applications by encrypting, encoding, and distributing user data across multiple clouds. Fast transferring large volumes of data through networks with limited bandwidths remains a practical challenge, especially in the event of disaster backup. To address this, we model a data storage process using an information flow graph and estimate inter-cloud traffic. We propose a new Network Coding-based Cloud-of-Clouds Backup (NC<sup>3</sup>B) framework, which enables collaborative encoding and data exchange among backup clouds to utilize inter-cloud bandwidth efficiently. We analytically corroborate that NC<sup>3</sup>B effectively reduces write operation latency. We also demonstrate the NC<sup>3</sup>B framework by incorporating two cutting-edge Reed-Solomon (RS) based data storage techniques, namely All-Or-Nothing Transform-RS (AONT-RS) and Converge AONT-RS (CAONT-RS), referred to as Network coding-based Backup AONT-RS (NBAONT-RS) and Network coding-based Backup CAONT-RS (NBCAONT-RS), respectively. To validate our approach, we deploy a real-world prototype storage system on Amazon EC2 using a cluster trace set, and underscore the effectiveness of NC<sup>3</sup>B, showcasing reductions in latency of up to 50% compared to state-of-the-art approaches, alongside throughput improvements of up to 98%. These findings underscore the benefits of NC<sup>3</sup>B in real-world storage scenarios.","PeriodicalId":13423,"journal":{"name":"IEEE Transactions on Network and Service Management","volume":"22 2","pages":"2087-2105"},"PeriodicalIF":4.7,"publicationDate":"2025-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143861006","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
An Efficient Winner and Payment Determination Algorithm in Reverse Auction for Edge Federation 边缘联邦逆向拍卖中一种有效的赢家和支付确定算法
IF 4.7 2区 计算机科学
IEEE Transactions on Network and Service Management Pub Date : 2025-01-01 DOI: 10.1109/TNSM.2024.3524605
Taeyun Kim;Joonwoo Kim;Hochan Lee;Seoyul Oh;Sangheon Pack
{"title":"An Efficient Winner and Payment Determination Algorithm in Reverse Auction for Edge Federation","authors":"Taeyun Kim;Joonwoo Kim;Hochan Lee;Seoyul Oh;Sangheon Pack","doi":"10.1109/TNSM.2024.3524605","DOIUrl":"https://doi.org/10.1109/TNSM.2024.3524605","url":null,"abstract":"Edge federation is a promising approach for reducing the workload of each operator by facilitating resource sharing amongst operators. However, operators often exhibit selfish behavior, prioritizing their own benefits. They may refrain from participating in edge federation or misrepresent the actual value of their resources, which ultimately diminishes the overall benefits of edge federation. To address this issue, we first establish a Vickrey-Clarke-Groves (VCG)-based reverse auction framework for task offloading in edge federation. In the framework, a winner determination problem is formulated as an integer linear programming (ILP) problem. The ILP problem formulated has high computational complexity and cannot be applied to large and dynamic network environments. Thus, we propose an efficient winner and payment (W&P) determination algorithm to obtain sub-optimal solutions in polynomial time. Extensive simulation results demonstrate that the proposed algorithm increases the total profit of edge federation by up to 119.7% and reduces total resource usage by up to 54.8%, respectively, compared to other comparison algorithms.","PeriodicalId":13423,"journal":{"name":"IEEE Transactions on Network and Service Management","volume":"22 2","pages":"1945-1954"},"PeriodicalIF":4.7,"publicationDate":"2025-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143860776","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Joint Optimization of Completion Ratio and Latency of Offloaded Tasks With Multiple Priority Levels in 5G Edge 5G边缘多优先级卸载任务完成率与时延联合优化
IF 4.7 2区 计算机科学
IEEE Transactions on Network and Service Management Pub Date : 2025-01-01 DOI: 10.1109/TNSM.2024.3525004
Parisa Fard Moshiri;Murat Simsek;Burak Kantarci
{"title":"Joint Optimization of Completion Ratio and Latency of Offloaded Tasks With Multiple Priority Levels in 5G Edge","authors":"Parisa Fard Moshiri;Murat Simsek;Burak Kantarci","doi":"10.1109/TNSM.2024.3525004","DOIUrl":"https://doi.org/10.1109/TNSM.2024.3525004","url":null,"abstract":"Multi-Access Edge Computing (MEC) is widely recognized as an essential enabler for applications that necessitate minimal latency. However, the dropped task ratio metric has not been studied thoroughly in literature. Neglecting this metric can potentially reduce the system’s capability to effectively manage tasks, leading to an increase in the number of eliminated or unprocessed tasks. This paper presents a 5G-MEC task offloading scenario with a focus on minimizing the dropped task ratio, computational latency, and communication latency. We employ Mixed Integer Linear Programming (MILP), Particle Swarm Optimization (PSO), and Genetic Algorithm (GA) to optimize the latency and dropped task ratio. We conduct an analysis on how the quantity of tasks and User Equipment (UE) impacts the ratio of dropped tasks and the latency. The tasks that are generated by UEs are classified into two categories: urgent tasks and non-urgent tasks. The UEs with urgent tasks are prioritized in processing to ensure a zero-dropped task ratio. Our proposed method improves the performance of the baseline methods, First Come First Serve (FCFS) and Shortest Task First (STF), in the context of 5G-MEC task offloading. Under the MILP-based approach, the latency is reduced by approximately 55% compared to GA and 35% compared to PSO. The dropped task ratio under the MILP-based approach is reduced by approximately 70% compared to GA and by 40% compared to PSO.","PeriodicalId":13423,"journal":{"name":"IEEE Transactions on Network and Service Management","volume":"22 2","pages":"1357-1371"},"PeriodicalIF":4.7,"publicationDate":"2025-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143871024","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Improved Q-Learning-Based Multi-Hop Routing for UAV-Assisted Communication 基于改进q学习的无人机辅助通信多跳路由
IF 4.7 2区 计算机科学
IEEE Transactions on Network and Service Management Pub Date : 2024-12-23 DOI: 10.1109/TNSM.2024.3522153
N. P. Sharvari;Dibakar Das;Jyotsna Bapat;Debabrata Das
{"title":"Improved Q-Learning-Based Multi-Hop Routing for UAV-Assisted Communication","authors":"N. P. Sharvari;Dibakar Das;Jyotsna Bapat;Debabrata Das","doi":"10.1109/TNSM.2024.3522153","DOIUrl":"https://doi.org/10.1109/TNSM.2024.3522153","url":null,"abstract":"Designing efficient routing protocols for Uncrewed Aerial Vehicle (UAV)-assisted communication presents significant challenges due to rapidly changing topology, limited battery capacity, and dynamic network conditions.such as energy consumption, link quality, or latency but often overlook the necessity of an integrated approach considering a broader range of factors. This paper introduces the Improved Q-learning-based Multi-hop Routing (IQMR) algorithm that facilitates energy-efficient, and reliable data transmission in UAV-assisted communication. IQMR achieves this by selecting the optimal next-hop node to ensure efficient energy utilization, reliable packet delivery through collision avoidance, and adaptive network reorganization to maintain connectivity without relying on predefined UAV paths. To the best of our knowledge, IQMR is the first to employ a multi-objective framework that captures the inter-dependencies between network parameters and UAV operational states while leveraging <inline-formula> <tex-math>$Q(lambda)$ </tex-math></inline-formula> learning to make routing decisions, ensuring reliable communication in dynamic environments. Results show that IQMR demonstrates a 36.35% improvement in energy efficiency and a 32.05% increase in data throughput over existing methods.","PeriodicalId":13423,"journal":{"name":"IEEE Transactions on Network and Service Management","volume":"22 2","pages":"1330-1344"},"PeriodicalIF":4.7,"publicationDate":"2024-12-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143871111","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Toward Deploying Parallelized Service Function Chains Under Dynamic Resource Request in Multi-Access Edge Computing 多访问边缘计算中动态资源请求下并行服务功能链的部署
IF 4.7 2区 计算机科学
IEEE Transactions on Network and Service Management Pub Date : 2024-12-23 DOI: 10.1109/TNSM.2024.3520911
Dongliang Zhang;Lei Wang;Amin Rezaeipanah
{"title":"Toward Deploying Parallelized Service Function Chains Under Dynamic Resource Request in Multi-Access Edge Computing","authors":"Dongliang Zhang;Lei Wang;Amin Rezaeipanah","doi":"10.1109/TNSM.2024.3520911","DOIUrl":"https://doi.org/10.1109/TNSM.2024.3520911","url":null,"abstract":"Resource distribution policy and how to assemble the Service Function Chain (SFC) in Multi-access Edge Computing (MEC) networks to meet service quality standards poses an important challenge for Network Function Virtualization (NFV) technology. Increasing the number of Virtual Network Functions (VNFs) leads to high-latency SFC assembly, which can be countered by network function parallelization. However, existing studies parallelize VNF for resource allocation in MEC by assuming that the demanded resources do not change during SFC assembly. To address these issues, this paper develops a Latency-aware VNF Parallelization strategy under Resource demand Uncertainty (LVPRU) in MEC. We formulate LVPRU under the assumption of resource uncertainty in MEC via Quadratic Integer Programming (QIP) and show that the problem is NP-hard. LVPRU parallelizes VNFs by discovering dependencies between them and assembles multiple sub-SFCs instead of the original SFC. We apply Asynchronous Advantage Actor-Critic (A3C) as a deep reinforcement learning algorithm to assemble sub-SFCs. We finally evaluate the performance of LVPRU through trace-driven simulations. The evaluation results of proposed strategy are promising in different scenarios compared to benchmark algorithms.","PeriodicalId":13423,"journal":{"name":"IEEE Transactions on Network and Service Management","volume":"22 2","pages":"1899-1910"},"PeriodicalIF":4.7,"publicationDate":"2024-12-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143860848","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
An Adaptive Ensemble Learning Paradigm With Spatial-Temporal Feature Extraction for Wireless Traffic Prediction 基于时空特征提取的自适应集成学习模式在无线流量预测中的应用
IF 4.7 2区 计算机科学
IEEE Transactions on Network and Service Management Pub Date : 2024-12-23 DOI: 10.1109/TNSM.2024.3522115
Yifei Zhu;Lei Feng;Fanqin Zhou;Wenjing Li
{"title":"An Adaptive Ensemble Learning Paradigm With Spatial-Temporal Feature Extraction for Wireless Traffic Prediction","authors":"Yifei Zhu;Lei Feng;Fanqin Zhou;Wenjing Li","doi":"10.1109/TNSM.2024.3522115","DOIUrl":"https://doi.org/10.1109/TNSM.2024.3522115","url":null,"abstract":"Accurately predicting traffic in a cellular network is challenging since the traffic time series integrated by various wireless services is non-stationary and reveals concealed spatial correlation among different cells. Due to that, the presence of bias in a single forecast model often hinders the ability to generalise under numerous circumstances in wireless traffic data, no particular approach stands out as clearly superior to the others. In this paper, we propose an adaptive ensemble learning paradigm that can benefit from centralizing individual forecast base models. It stacks the prediction outputs of several base learners due to the traffic dynamics characteristic. An improved convolutional neural network (CNN)-based representation learning method is designed to extract the high-order spatial-temporal features in the traffic data and obtain the adaptive weights of participating base learner models for the ensemble. The experimental results verify that the proposed ensemble approach can fully utilize spatial-temporal features and outperform individual statistical and machine-learning models regarding prediction accuracy. Furthermore, the ensemble method via stacking base models with fewer parameters is capable of generating predictions close to the large-parametric spatial-temporal transformer (ST-Tran) model produced.","PeriodicalId":13423,"journal":{"name":"IEEE Transactions on Network and Service Management","volume":"22 2","pages":"1727-1743"},"PeriodicalIF":4.7,"publicationDate":"2024-12-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143860847","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
SafeLib: A Comprehensive Framework for Secure Outsourcing of Network Functions SafeLib:网络功能安全外包的综合框架
IF 4.7 2区 计算机科学
IEEE Transactions on Network and Service Management Pub Date : 2024-12-19 DOI: 10.1109/TNSM.2024.3520817
Enio Marku;Colin Boyd;Gergely Biczók
{"title":"SafeLib: A Comprehensive Framework for Secure Outsourcing of Network Functions","authors":"Enio Marku;Colin Boyd;Gergely Biczók","doi":"10.1109/TNSM.2024.3520817","DOIUrl":"https://doi.org/10.1109/TNSM.2024.3520817","url":null,"abstract":"Outsourcing virtual network functions (VNFs) to third-party service providers, such as public clouds, has become the norm. While outsourcing brings many benefits, including scalability, streamlined management, and lower CapEx, it also introduces security concerns. Owing to the lack of trust in the cloud, organizations may opt to shield both their network functions and the traffic flowing through them. Existing outsourcing mechanisms, however, fall short of the functionality, security, and/or performance requirements. This paper presents SafeLib, a comprehensive, Intel SGX based, open-source, secure network function outsourcing framework. To the best of our knowledge, SafeLib is the first trusted hardware based solution providing i) support for both stateful and stateless virtual NFs, ii) strong security properties with regard to both user traffic and VNF execution, state, policies, and code, iii) high performance, iv) enhanced usability for VNF developers and v) flexibility in choosing the network stack by providing support for both kernel and kernel-bypass mechanisms. We corroborate our performance claims through an extensive testbed evaluation. In addition, we provide insights on the performance penalty of major SGX limitations and also refute the popular belief that using a library OS within an SGX enclave necessarily reduces performance. We believe that SafeLib provides a flexible and performant tool with strong security guarantees for building secure, carrier-grade cloud-based services.","PeriodicalId":13423,"journal":{"name":"IEEE Transactions on Network and Service Management","volume":"22 2","pages":"2181-2198"},"PeriodicalIF":4.7,"publicationDate":"2024-12-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143860795","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信