TIIS (Çѱ¹ÀÎÅͳÝÁ¤º¸ÇÐȸ)
Current Result Document :
| ÇѱÛÁ¦¸ñ(Korean Title) |
Auto-configurable Security Mechanism for NFV |
| ¿µ¹®Á¦¸ñ(English Title) |
Auto-configurable Security Mechanism for NFV |
| ÀúÀÚ(Author) |
HyunJin Kim
PyungKoo Park
Jaecheol Ryou
|
| ¿ø¹®¼ö·Ïó(Citation) |
VOL 12 NO. 02 PP. 0786 ~ 0799 (2018. 02) |
Çѱ۳»¿ë
(Korean Abstract) |
|
¿µ¹®³»¿ë
(English Abstract) |
Recently, NFV has attracted attention as a next-generation network virtualization technology for hardware -independent and efficient utilization of resources. NFV is a technology that not only virtualize computing, server, storage, network resources based on cloud computing but also connect Multi-Tenant of VNFs, a software network function. Therefore, it is possible to reduce the cost for constructing a physical network and to construct a logical network quickly by using NFV. However, in NFV, when a new VNF is added to a running Tenant, authentication between VNFs is not performed. Because of this problem, it is impossible to identify the presence of Fake-VNF in the tenant. Such a problem can cause an access from malicious attacker to one of VNFs in tenant as well as other VNFs in the tenant, disabling the NFV environment. In this paper, we propose Auto-configurable Security Mechanism in NFV including authentication between tenant-internal VNFs, and enforcement mechanism of security policy for traffic control between VNFs. This proposal not only authenticate identification of VNF when the VNF is registered, but also apply the security policy automatically to prevent malicious behavior in the tenant. Therefore, we can establish an independent communication channel for VNFs and guarantee a secure NFV environment.
|
| Å°¿öµå(Keyword) |
NFV
VNF
Authentication
Hash-Chain
ASMN
Sec-catalog
Sec-EM
|
| ÆÄÀÏ÷ºÎ |
PDF ´Ù¿î·Îµå
|
