• ETRI Journal
• /
• v.43 no.5
• /
• pp.932-940
• /
• 2021

Currently, research on network functions virtualization focuses on using microservices in cloud environments. Previous studies primarily focused on communication between nodes in physical infrastructure. Until now, there is no sufficient research on group key management in virtual environments. The service is composed of microservices that change dynamically according to the virtual service. There are dependencies for microservices on changing the group membership of the service. There is also a high possibility that various security threats, such as data leakage, communication surveillance, and privacy exposure, may occur in interactive communication with microservices. In this study, we propose an ID-based group key exchange (idGKE) mechanism between microservices as one group. idGKE defines the microservices' schemes: group key gen, join group, leave group, and multiple group join. We experiment in a real environment to evaluate the performance of the proposed mechanism. The proposed mechanism ensures an essential requirement for group key management such as secrecy, sustainability, and performance, improving virtual environment security.

• Journal of information and communication convergence engineering
• /
• v.17 no.3
• /
• pp.185-190
• /
• 2019

The explosive growth of data traffic and services has created cost challenges for networks. Studies have attempted to effectively apply network slicing in fifth generation networks to provide high speed, low latency, and various compatible services. However, in network slicing using mixed-integer linear programming, the operation count increases exponentially with the number of physical servers and virtual network functions (VNFs) to be allocated. Therefore, we propose an efficient slice allocation method based on cluster technology, comprising the following three steps: i) clustering physical servers; ii) selecting an appropriate cluster to allocate a VNF; iii) selecting an appropriate physical server for VNF allocation. Solver runtimes of the existing and proposed methods are compared, under similar settings, with respect to intra-slice isolation. The results show that solver runtime decreases, by approximately 30% on average, with an increase in the number of physical servers within the cluster in the presence of intra-slice isolation.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.10 no.2
• /
• pp.211-218
• /
• 2015

This paper describes the implementation of the accelerated virtual switch using Intel DPDK(Data Plane Development Kit), and evaluates the virtual network functions of the virtual switch which is one of the most important components to build a virtual network for cloud computing. Nowadays, new information service platforms are appeared from the interconnection of intelligent IT systems like IoT(Internet of Things). And many companies want to use the new service platform for their new application service. The companies can apply there new service early which needs small investment and responses adaptively to the fast change of consumer environment. Using cloud computing technology, the new business service can be introduced as a commercial IT service for the time to market. In this study, an implementation and investigation were performed for the accelerated virtual switch, called Intel DPDK virtual switch, which is using multi processors in network interface card for virtual network functions. It can be useful for Internet-oriented companies to leverage the new cloud service and businesses for its creativeness.

• Journal of Digital Convergence
• /
• v.12 no.8
• /
• pp.309-319
• /
• 2014

Virtual Network service is a key characteristics of future Internet which is debate internationally. There are two kinds of network virtualization technologies considered lately: network functions virtualization and virtual network approaches. Several national wide research networks including US's GENI project have experimented technologies for future Internet and in particular network virtualization is one of key issues. Representative Korean research network, KREONET, is working on deploying virtual network framework as a preliminary for future Ineternet using the virtualization model of SDN/OpenFlow which is typical network model of future Internet. This paper proposes a stepwise model to bring virtual network services in KREONET. Firstly, we requirements of KREONET users' virtual network service and network resource management and network deploying virtual network. Finally, we verify the adequacy of our virtual network model for KREONET.

• Journal of Internet Computing and Services
• /
• v.23 no.5
• /
• pp.17-23
• /
• 2022

Network slicing is a promising paradigm and significant evolution for adjusting the heterogeneous services based on different requirements by placing dynamic virtual network functions (VNF) forwarding graph (VNFFG) and orchestrating service function chaining (SFC) based on criticalities of Quality of Service (QoS) classes. In system architecture, software-defined networks (SDN), network functions virtualization (NFV), and edge computing are used to provide resourceful data view, configurable virtual resources, and control interfaces for developing the modified deep reinforcement learning agent (MDRL-A). In this paper, task requests, tolerable delays, and required resources are differentiated for input state observations to identify the non-critical/critical classes, since each user equipment can execute different QoS application services. We design intelligent slicing for handing the cross-domain resource with MDRL-A in solving network problems and eliminating resource usage. The agent interacts with controllers and orchestrators to manage the flow rule installation and physical resource allocation in NFV infrastructure (NFVI) with the proposed formulation of completion time and criticality criteria. Simulation is conducted in SDN/NFV environment and capturing the QoS performances between conventional and MDRL-A approaches.

• Journal of the Korea Society of Computer and Information
• /
• v.10 no.1 s.33
• /
• pp.167-174
• /
• 2005

With the progress of portable appliances such as cell phone and handhold PC, the popularization of Personal Area Network (PAN) and the diversification of services that are based on Personal Mobile Gateway (PMG) . To use home services at any time regardless of their Position, it needs a virtual home network that a home network and outside networks are finally integrated. Although interoperability among home appliances reached their service stage, research for services and middleware for new small scale network such as PAN is at an early stage. Traditional home network service/connection methods, terminal control schemes, and middlewares must be extended to accommodate PMG-based PAM. In this paper, we propose an integrated virtual home network Platform that guarantees seamless connections between home network and PAM. We also analyze indispensable functions and presents functions that should be added existent home gateway or home sewer by function.

• International Journal of Computer Science & Network Security
• /
• v.24 no.2
• /
• pp.67-78
• /
• 2024

Software-Defined Networking (SDN) is a new emerging networking paradigm that has adopted a logically centralized architecture to increase overall network performance agility and programmability. Combining network virtualization with SDN will guarantees for combined advantages of improved flexibility and network performance. Combining SDN with hypervisors divides the network physical resources into several logical transparent and isolated virtual SDN network (vSDN), where each has its virtual controller. However, SDN hypervisors bring several advantages as well as several challenges to its network operators as for the virtual appliances, their efficient placement, assurance of network performance is mandatory, and their dynamic instantiation with their migration. In this article, we provide a brief and concise review of network virtualization along with its implementation in the SDN network. SDN hypervisors types are discussed, and taxonomy is provided to demonstrate the importance of hypervisors in SDN. A comparison of SDN hypervisors is performed to elaborate on the vital hypervisor software along with their features, and different challenges are discussed faced by the SDN network. A framework is proposed to add combined functionalities of hypervisors to create a more effective and efficient virtual system. The purpose of the framework is to increase network performance through proper configuration of resources, software, control plane isolation functions with defined rules and policies.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.8
• /
• pp.2783-2804
• /
• 2021

In the network function virtualization environment, dynamic changes in network traffic will lead to the dynamic changes of service function chain resource demand, which entails timely dynamic adjustment of service function chain resource configuration. At present, most researches solve this problem through virtual network function migration and link rerouting, and there exist some problems such as long service interruption time, excessive network operation cost and high penalty. This paper proposes a dynamic adjustment method of service function chain resource configuration for the dynamic changes of network traffic. First, a dynamic adjustment request of service function chain is generated according to the prediction of network traffic. Second, a dynamic adjustment strategy of service function chain resource configuration is determined according to substrate network resources. Finally, the resource configuration of a service function chain is pre-adjusted according to the dynamic adjustment strategy. Virtual network functions combination and virtual machine reusing are fully considered in this process. The experimental results show that this method can reduce the influence of service function chain resource configuration dynamic adjustment on quality of service, reduce network operation cost and improve the revenue of service providers.

• International Journal of Computer Science & Network Security
• /
• v.22 no.4
• /
• pp.147-158
• /
• 2022

Cloud Computing offers flexible, on demand, ubiquitous resources for cloud users. Cloud users are provided computing resources in a virtualized environment. In order to meet the growing demands for computing resources, data centres contain a large number of physical machines accommodating multiple virtual machines. However, cloud data centres cannot utilize their computing resources to their total capacity. Several policies have been proposed for improving energy proficiency and computing resource utilization in cloud data centres. Virtual machine placement is an effective method involving efficient mapping of virtual machines to physical machines. However, the availability of many physical machines accommodating multiple virtual machines in a data centre has made the virtual machine placement problem a non deterministic polynomial time hard (NP hard) problem. Metaheuristic algorithms have been widely used to solve the NP hard problems of multiple and conflicting objectives, such as the virtual machine placement problem. In this context, we presented essential concepts regarding virtual machine placement and objective functions for optimizing different parameters. This paper provides a taxonomy of metaheuristic algorithms for the virtual machine placement method. It is followed by a review of prominent research of virtual machine placement methods using meta heuristic algorithms and comparing them. Finally, this paper provides a conclusion and future research directions in virtual machine placement of cloud computing.

• Convergence Security Journal
• /
• v.17 no.3
• /
• pp.3-9
• /
• 2017

NFV is a technology that allows network services to be controlled and managed in software by separating various net work functions (NFs) from hardware devices in dedicated network equipment and implementing them in a high-performance general-purpose server. Therefore, standardized virtualization of network functions is one of the most important factors. However, until the introduction of NFV to provide commercial services, there are many technical issues to be solved such as guaranteeing performance, stability, support for multi-vendor environment, ensuring perfect interoperability, and linking existing virtual and non-virtual resources. In this paper, we propose a method to provide an end-to-end network virtualization service based on OSM R2 in KREONET.