Project

Cross-Layer Management of Security Policies in Cloud-Native Networking

Many industries and companies are migrating to virtualized and orchestrated environments, which allow Virtual Network Functions (VNFs) to be deployed on cloud infrastructure. As a result, container orchestration frameworks are increasingly popular for automating, scaling and managing high-availability applications towards the edge. With this trend, the security of these frameworks has become increasingly important, yet also increasingly challenging. State-of-the-art frameworks such as Kubernetes do not meet the stringent security requirements of many contemporary industries and applications. Moreover, security mechanisms such as encryption, authentication, and authorization typically cause significant overhead. Finding a security policy that offers the right balance of security and performance is therefore important, especially in an era where systems must meet the constraints and specifications of customers' Service Level Agreements (SLAs) relating to performance, availability, reliability, security, and compliance. This Ph.D. proposal therefore aims at (i) verifying the security properties of lightweight virtual machines or containers and container orchestration frameworks and (ii) designing a cluster architecture that satisfies performance and security requirements. The specific functionalities in the scope of this Ph.D. proposal are secure inter-container communication, secure orchestration of multi-component services, and isolation between tenants.

Date: 14 Feb 2020 → 21 Mar 2024
Keywords: Container Orchestration Frameworks, Network Function Virtualisation, Security, Performance, Cloud Computing, Lightweight Virtualisation
Disciplines: Computer system security, System software and middleware, Cloud computing, Distributed systems, Cryptography, privacy and security, Performance modelling
Project type: PhD project