• Journal of Information Processing Systems
• /
• v.13 no.2
• /
• pp.236-255
• /
• 2017

The rapid growth of smart devices demands an enhanced throughput for network connection sustainability during mobility. However, traditional wireless network architecture suffers from mobility management issues. In order to resolve the traditional mobility management issues, we propose a novel architecture for future wireless access network based on software-defined network (SDN) by using the advantage of network function virtualization (NFV). In this paper, network selection approach (NSA) has been introduced for mobility management that comprises of acquiring the information of the underlying networking devices through the OpenFlow controller, percepts the current network behavior and later the selection of an appropriate action or network. Furthermore, mobility-related scenarios and use cases to analyze the implementation aspects of the proposed architecture are provided. The simulation results confirm that the proposed scenarios have obtained a seamless mobility with enhanced throughput at minimum packet loss as compared to the existing IEEE 802.11 wireless network.

• Smart Media Journal
• /
• v.4 no.4
• /
• pp.47-55
• /
• 2015

Recently, the computing paradigm has been changing and VoIP technology is being revisited to support various services in ICT field. In this paper, we have designed and implemented the systems of software PBX open source Asterisk using light-weighted virtualization Docker technique, hardware platform, and mobile devices to support voice service based on secured mobile VoIP. And we verified the delay test of network traffics and the secured voice communication test in global real network environment.

• ETRI Journal
• /
• v.43 no.5
• /
• pp.932-940
• /
• 2021

Currently, research on network functions virtualization focuses on using microservices in cloud environments. Previous studies primarily focused on communication between nodes in physical infrastructure. Until now, there is no sufficient research on group key management in virtual environments. The service is composed of microservices that change dynamically according to the virtual service. There are dependencies for microservices on changing the group membership of the service. There is also a high possibility that various security threats, such as data leakage, communication surveillance, and privacy exposure, may occur in interactive communication with microservices. In this study, we propose an ID-based group key exchange (idGKE) mechanism between microservices as one group. idGKE defines the microservices' schemes: group key gen, join group, leave group, and multiple group join. We experiment in a real environment to evaluate the performance of the proposed mechanism. The proposed mechanism ensures an essential requirement for group key management such as secrecy, sustainability, and performance, improving virtual environment security.

• Journal of information and communication convergence engineering
• /
• v.20 no.1
• /
• pp.16-21
• /
• 2022

In this research, we create a network infrastructure based on a service-oriented infrastructure (SOI) for the virtualization technology and integrate it with a cloud technology that applies the cloud integration management platform (CIMP) concept. In CIMP, the server and storage will be separated. The server will be adopted for virtualization while the storage will be used by students and teachers to store data. As long they save their data in the storage module, every time, everywhere, and on every device, they can access their data. This research will implement the design of the network infrastructure and be applied to the remote practical learning system in the laboratory. Students and teachers will ultimately adopt this network infrastructure for remote practice using their respective devices without physically meeting in the laboratory. In the future, if the implementation phase is successful, then in addition to laboratory environments, it can be implemented in all learning activities at our campus.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.8
• /
• pp.3701-3727
• /
• 2016

Recently Service Function Chaining (SFC) is promising to innovate the network service mode in modern networks. However, a feasible implementation of SFC is still difficult due to the need to achieve functional equivalence with traditional modes without sacrificing performance or increasing network complexity. In this paper, we present a configurable network service chaining (CNSC) mechanism to provide services for network traffics in a flexible and optimal way. Firstly, we formulate the problem of network service chaining and design an effective service chain construction framework based on integrating software-defined networking (SDN) with network functions virtualization (NFV). Then, we model the service path computation problem as an integer liner optimization problem and propose an algorithm named SPCM to cooperatively combine service function instances with a network utility maximum policy. In the procedure of SPCM, we achieve the service node mapping by defining a service capacity matrix for substrate nodes, and work out the optimal link mapping policies with segment routing. Finally, the simulation results indicate that the average request acceptance ratio and resources utilization ratio can reach above 85% and 75% by our SPCM algorithm, respectively. Upon the prototype system, it is demonstrated that CNSC outperforms other approaches and can provide flexible and scalable network services.

• Convergence Security Journal
• /
• v.16 no.2
• /
• pp.19-23
• /
• 2016

The design, management, and operation of network infrastructure have evolved during the last few years, leveraging on innovative technologies and architectures. With such a huge trend, due to the flexibility and significant economic potential of these technologies, software defined networking (SDN) and network functions virtualization (NFV) are emerging as the most critical key enablers. SDN/NFV enhancing the infrastructure agility, thus network operators and service providers are able to program their own network functions (e.g., gateways, routers, load balancers) on vendor independent hardware substrate. They facilitating the design, delivery and operation of network services in a dynamic and scalable manner. In NFV, the management and orchestration (MANO) orchestrates other specific managers such as the virtual infrastructure manager (VIM) and the VNF Manager (VNFM). In this paper, we examine the contents of these NFV MANO systematically and proposes a security system in a virtualized environment.

• KNOM Review
• /
• v.23 no.2
• /
• pp.1-10
• /
• 2020

Network Function Virtualization (NFV) is a key technology of 5G networks that has the advantage of enabling building and operating networks flexibly. However, NFV can complicate network management because it creates numerous virtual resources that should be managed. In NFV environments, service function chaining (SFC) composed of virtual network functions (VNFs) is widely used to apply a series of network functions to traffic. Therefore, it is required to dynamically allocate the right amount of computing resources or instances to SFC for meeting service requirements. In this paper, we propose Deep Q-Networks (DQN)-based auto-scaling to operate the appropriate number of VNF instances in SFC. The proposed approach not only resizes the number of VNF instances in SFC composed of multi-tier architecture but also selects a tier to be scaled in response to dynamic traffic forwarding through SFC.

• IEIE Transactions on Smart Processing and Computing
• /
• v.6 no.1
• /
• pp.60-65
• /
• 2017

Network virtualization enables us to make efficient use of resources in a physical network by embedding multiple virtual networks in the physical network. In this paper, we develop a prototype of a virtual network embedding system. Our system consists of OpenStack, which is an open source cloud service platform, and shell scripts. Because OpenStack does not provide a quality of service control function, we realize bandwidth reservation for virtual links by making use of the ingress policing function of Open vSwitch, which is a virtual switch used in OpenStack. The shell scripts in our system automatically construct the required virtual network on the physical network using the OpenStack command-line interface, and they reserve bandwidth for virtual links using the Open vSwitch command. Experimental evaluation confirms that our system constructs the requested virtual network and appropriately allocates node and link resources to it.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.41 no.12
• /
• pp.1793-1800
• /
• 2016

Network virtualization is considered as an enabling technology to accomodate recently introduced new services such as cloud services and data center networks on top of the existing network environment. In this paper, an efficient virtual network mapping method is proposed which takes account of the location and resource requirements of virtual nodes and the bandwidth requirements of virtual links. The proposed method sets bandwidth as the priority metric for network mapping, and searches for a set of substrate nodes and paths that houses the virtual nodes and virtual links. Through the simulation experiments, it is verified that the proposed method provides better cost to revenue ratio and fast experiment time without degrading success rate of virtual network mapping.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.41 no.10
• /
• pp.1290-1300
• /
• 2016

Recently, various middle box services have been developed and applied to provide network functions to end nodes of the network. Especially, network virtualization is increasingly proceeding by applying the virtualization technologies of cloud computing field to network field, and network platforms for various flexible services are being developed to connect among the virtual network devices. Carrier-grade Network Address Translation (CGNAT) is also one of these flexible network services. This paper designs and implements the DPDK-based CGNAT framework that provides flexibility and maximizes address translation throughput. Our framework achieves 15.5 times higher throughput than the address translation service by Linux kernel.