ARTÍCULO
Virtualized security at the network edge: a user-centric approach
Fecha
2015Registro en:
1558-1896
10.1109/MCOM.2015.7081092
Autor
Kuusijarvi, Jarkko
Sassu, Roberto
Montero Banegas, Diego Teodoro
Lioy, Antonio
Basile, Cataldo
Serral Gracià, René
Risso, Fulvio
Ciaccia, Francesco
Jacquin, Ludovic
Georgiades, Michael
Shaw, Adrian
Charalambides, Savvas
Bosco, Francesca
Nemirovsky, Mario
Yannuzzi,, Marcelo
Pastor, Antonio
Institución
Resumen
The current device-centric protection model against security threats has serious limitations. On one hand, the proliferation of user terminals such as smartphones, tablets, notebooks, smart TVs, game consoles, and desktop computers makes it extremely difficult to achieve the same level of protection regardless of the device used. On the other hand, when various users share devices (e.g., parents and kids using the same devices at home), the setup of distinct security profiles, policies, and protection rules for the different users of a terminal is far from trivial. In light of this, this article advocates for a paradigm shift in user protection. In our model, protection is decoupled from users' terminals, and it is provided by the access network through a trusted virtual domain. Each trusted virtual domain provides unified and homogeneous security for a single user irrespective of the terminal employed. We describe a user-centric model where nontechnically savvy users can define their own profiles and protection rules in an intuitive way. We show that our model can harness the virtualization power offered by next-generation access networks, especially from network functions virtualization in the points of presence at the edge of telecom operators. We also analyze the distinctive features of our model, and the challenges faced based on the experience gained in the development of a proof of concept.