University of Oulu

M. Bagaa, T. Taleb, J. B. Bernabe and A. Skarmeta, "QoS and Resource-Aware Security Orchestration and Life Cycle Management," in IEEE Transactions on Mobile Computing, vol. 21, no. 8, pp. 2978-2993, 1 Aug. 2022, doi: 10.1109/TMC.2020.3046968

QoS and resource-aware security orchestration and life cycle management

Saved in:
Author: Bagaa, Miloud1; Taleb, Tarik1,2,3; Bernabe, Jorge Bernal4;
Organizations: 1Aalto University, Finland
2University of Oulu, 90570 Oulu, Finland
3Department of Computer and Information Security, Sejong University, South Korea
4Department of Communications and Information Engineering, University of Murcia, Spain
Format: article
Version: accepted version
Access: open
Online Access: PDF Full Text (PDF, 2.2 MB)
Persistent link:
Language: English
Published: Institute of Electrical and Electronics Engineers, 2020
Publish Date: 2022-02-22


Zero-touch network and Service Management (ZSM) exploits Network Function Virtualization (NFV) and Software-Defined Networking (SDN) to efficiently and dynamically orchestrate different Service Function Chaining (SFC), whereby reducing capital expenditure and operation expenses. The SFC is an optimization problem that shall consider different constraints, such as Quality of Service (QoS), and actual resources, to achieve cost-efficient scheduling and allocation of the service functions. However, the large-scale, complexity and security issues brought by virtualized IoT networks, which embrace different network segments, e.g. Fog, Edge, Core, Cloud, that can also exploit proximity (computation offloading of virtualized IoT functions to the Edge), imposes new challenges for ZSM orchestrators intended to optimize the SFC, thereby achieving seamless user-experience, minimal end-to-end delay at a minimal cost. To cope with these challenges, this paper proposes a cost-efficient optimized orchestration system that addresses the whole life-cycle management of different SFCs, that considers QoS (including end-to-end delay, bandwidth, jitters), actual capacities of Virtual Network Functions (VNFs), potentially deployed across multiple Clouds-Edges, in terms of resources (CPU, RAM, storage) and current network security levels to ensure trusted deployments. The proposed orchestration system has been implemented and evaluated in the scope of H2020 Anastacia EU project¹, showing its feasibility and performance to efficiently manage SFC, optimizing deployment costs, reducing overall end-to-end delay and optimizing VNF instances distribution.

see all

Series: IEEE transactions on mobile computing
ISSN: 1536-1233
ISSN-E: 1558-0660
ISSN-L: 1536-1233
Volume: 21
Issue: 8
Pages: 2978 - 2993
DOI: 10.1109/TMC.2020.3046968
Type of Publication: A1 Journal article – refereed
Field of Science: 213 Electronic, automation and communications engineering, electronics
Funding: This work was partially supported by the European research project H2020 ANASTACIA GA 731558, MonB5G GA 871780 and INSPIRE-5Gplus GA 871808. It has been also partially funded by AXA Postdoctoral Scholarship awarded by the AXA Research Fund (Cyber-SecIoT project). This work was partially supported by the Academy of Finland 6Genesis project under Grant No. 318927, and by the Academy of Finland CSN project under Grant No. 311654.
EU Grant Number: (871808) INSPIRE-5Gplus - INtelligent Security and PervasIve tRust for 5G and Beyond
Academy of Finland Grant Number: 318927
Detailed Information: 318927 (Academy of Finland Funding decision)
Copyright information: © 2021 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.