? 在多租户数据中心中针对安全服务的负载自适应的流量转向和转发方案
Journal of Computer Science and Technology
Quick Search in JCST
 Advanced Search 
      Home | PrePrint | SiteMap | Contact Us | Help
 
Indexed by   SCIE, EI ...
Bimonthly    Since 1986
Journal of Computer Science and Technology 2017, Vol. 32 Issue (6) :1265-1278    DOI: 10.1007/s11390-017-1799-7
Regular Paper << Previous Articles | Next Articles >>
在多租户数据中心中针对安全服务的负载自适应的流量转向和转发方案
Xue-Kai Du1, Zhi-Hui Lu1,*, Member, IEEE, Qiang Duan2, Senior Member, IEEE, Jie Wu1, Cheng-Rong Wu1
1 School of Computer Science, Fudan University, Shanghai 200433, China;
2 Information Sciences and Technology Department, the Pennsylvania State University Abington College Abington, PA 19001, U.S.A
LTSS:Load-Adaptive Traffic Steering and Forwarding for Security Services in Multi-Tenant Cloud Datacenters
Xue-Kai Du1, Zhi-Hui Lu1,*, Member, IEEE, Qiang Duan2, Senior Member, IEEE, Jie Wu1, Cheng-Rong Wu1
1 School of Computer Science, Fudan University, Shanghai 200433, China;
2 Information Sciences and Technology Department, the Pennsylvania State University Abington College Abington, PA 19001, U.S.A

摘要
参考文献
相关文章
Download: [PDF 1958KB]  
摘要 目前,不同种类的安全设备部署在云数据中心环境中,并且租户可以选择他们期望的安全服务,例如防火墙和入侵检测系统(IDS)。同时,云计算数据中心的租户是动态的,有不同的要求。因此,云数据中心中的安全设备部署非常复杂,可能导致资源利用率低下。在本文中,我们在基于SDN的多租户云数据中心环境中展开研究这个问题。我们提出一种称为LTSS的负载自适应流量控制和分组转发方案来解决这个问题。我们的方案将SDN控制器与TagOper插件结合在一起,为租户确定最小负载的流量路径,并允许租户在更复杂的网络中获得所需的安全服务。我们还为LTSS开发了一个原型系统,并验证其功能,评估我们设计方案的性能。
关键词云数据中心   软件定义网络   安全服务   网络安全虚拟化   网络功能虚拟化   流量转向     
Abstract: Currently, different kinds of security devices are deployed in the cloud datacenter environment and tenants may choose their desired security services such as firewall and IDS (intrusion detection system). At the same time, tenants in cloud computing datacenters are dynamic and have different requirements. Therefore, security device deployment in cloud datacenters is very complex and may lead to inefficient resource utilization. In this paper, we study this problem in a software-defined network (SDN) based multi-tenant cloud datacenter environment. We propose a load-adaptive traffic steering and packet forwarding scheme called LTSS to solve the problem. Our scheme combines SDN controller with TagOper plug-in to determine the traffic paths with the minimum load for tenants and allows tenants to get their desired security services in SDN-based datacenter networks. We also build a prototype system for LTSS to verify its functionality and evaluate performance of our design.
Keywordscloud datacenter   software-defined network   security service   network security virtualization   network function virtualization   traffic steering     
Received 2016-11-02;
本文基金:

The work is supported by the National Natural Science Foundation of China under Grant Nos. 61572137 and 61728202, and Shanghai Innovation Action Project under Grant No. 16DZ1100200.

通讯作者: Zhi-Hui Lu     Email: lzh@fudan.edu.cn
About author: Xue-Kai Du got his Master's degree in computer science at School of Computer Science,Fudan University,Shanghai,in 2016.His research interests are cloud computing,virtualized network and software-defined network.
引用本文:   
Xue-Kai Du, Zhi-Hui Lu, Qiang Duan, Jie Wu, Cheng-Rong Wu.在多租户数据中心中针对安全服务的负载自适应的流量转向和转发方案[J]  Journal of Computer Science and Technology , 2017,V32(6): 1265-1278
Xue-Kai Du, Zhi-Hui Lu, Qiang Duan, Jie Wu, Cheng-Rong Wu.LTSS:Load-Adaptive Traffic Steering and Forwarding for Security Services in Multi-Tenant Cloud Datacenters[J]  Journal of Computer Science and Technology, 2017,V32(6): 1265-1278
链接本文:  
http://jcst.ict.ac.cn:8080/jcst/CN/10.1007/s11390-017-1799-7
Copyright 2010 by Journal of Computer Science and Technology