The First International Workshop on Security in NFV-SDN (SNS2016)

in conjunction with the 2nd IEEE NFV-SDN conference, 7 of November, Palo Alto, California, USA

  • SDN
  •  california


The First International Workshop on Security in NFV-SDN (SNS2016) Program

13:30-13:35 Welcome by Linas Maknavicius, Nokia Bell Labs (5 min)
13:35-14:15 Keynote 1 “5G & virtualization security challenges”
Peter Schneider, Nokia Bell Labs (40 min)
14:15-14:35 A Security Services Platform for Software Defined Networks
Sinan Tatlicioglu; Seyhan Civanlar; Burak Gorkemli; Erhan Lokman
14:35-14:55 Policy Based Virtualised Security Architecture for SDN/NFV enabled 5G Access Networks
Muhammad Shuaib Siddiqui; Eduard Escalona; Eleni Trouva; Dimitrios Kritharidis; Konstantinos V. Katsaros; Spiros Spirou; Carolina Canales; Lorenzo Manuel, Michail – Alexandros Kourtis
14:55-15:15 Policy Enforcement Point (PEP) as a Service Enabled by SDN
Arash Shaghaghi, Mohamed Ali (Dali) Kaafar, Sandra Scott-Hayward, Salil S. Kanhere and Sanjay Jha
15:15-15:30 Break (15 min)
15:30-16:10 Keynote 2 “SDN & NFV : new security challenges & expected transformation”
Dotaro Emmanuel, Thales Secure Communications & Information Systems (40 min)
16:10-16:30 Security Policy Transition Framework for Software Defined Networks
Jacob Cox, Jr;Russell J Clark;Henry Owen
16:30-16:50 Network-wide Virtual Firewall using SDN/OpenFlow
Jarrod Bakker;Ian Welch; Winston K.G.Seah
16:50-17:10 BotD: A Scalable Anomaly-Based Bot Detection Architecture for Securing Web Services
KrishnaTeja Yadavalli; Shatrunjay Rawat
17:10-17:15 Close

Keynote Speaker 1

Peter SchneiderPeter Schneider, Nokia Bell Labs

After receiving his diploma in mathematics, Peter started his professional career at Siemens, as a researcher on new software architectures. For several years, he worked on the research and prototyping of innovative communication solutions, in the areas such as ATM and (Broadband-)ISDN technologies, intelligent networks, Internet and telephony integration, IP resource management and IP quality of service. Later, he became a systems engineer for the IP based mobile core network, working on various aspects of the IP technology, in particular on IP security, deep packet inspection and IP network reliability. Since 2007, he is focusing on network security research. Currently, he is a senior expert for mobile network security in the Security Research Team at Nokia Bell Labs. In this position, he has been involved in various security research projects including publicly funded international projects. His interests include security for SDN and the telco cloud and the overall security architecture of future 5G networks.

5G & virtualization security challenges

5G security activities have gained momentum in various places and bodies all over the world. As an early example, the NGMN Alliance has stated challenging 5G security requirements in their "5G White Paper", dated February 2015. Since spring 2016, 3GPP SA3 is carrying out a study on "next generation security", in close alignment to the respective architecture study of SA2. A huge amount of ideas and proposals have been contributed to this study already, numerous “security key issues” have been identified, and solution proposals for these issues are under discussion.

Also national and international funded projects on various aspects of 5G networks have been started, a number of them including security aspects into their research. Many of these projects have already delivered first results. As an example, the project 5G NORMA takes the approach to integrate work on the overall network architecture with security considerations, aiming at specifying a 5G network architecture with built-in security. As NFV and SDN are the most significant new networking paradigms for 5G networks, their security implications are of paramount importance. While adoption of these network paradigms may raise security challenges, the new techniques may also be employed to create new, powerful security solutions. This talk provides insights into 5G security research and standardization activities, discusses the 5G security challenges and opportunities and outlines what we at Nokia Bell Labs Security Research, who are part of many of these activities, consider important for building the secure communication networks of the future.

Keynote Speaker 2

Emmanuel Dotaro Emmanuel Dotaro,Thales Secure Communications & Information Systems

Emmanuel Dotaro is the head of Network & Security labs at Thales Secure Communications & Information Systems. He is also leading the Network of Experts in communications across the Thales group.

Emmanuel Dotaro received an M.S. degree in Computer Science from the University of Versailles, France in 1996. He was three years withthe Institut National des Telecommunications Performance Evaluation lab. while holding a teaching position at the University of Versailles. He joined in 1999 the Alcatel Research and Innovation lab. at Marcoussis, France. He directed the research on networking topics at Bell Labs including Packet Transport Infrastructure and Semantic and Autonomic Technologies. He joined Thales in 2009 as director of innovation for C4I systems and is now leading ICT and Security labs. He holds more than 30 papers as author or co-author as well as more than 30 patents in the ICT field. He is at the initiative, contributor or leader of various major European and national collaborative research projects. He is serving at various conference or journal Technical Committees as well as regional or national clusters of the digital ecosystem. His current research interests are network softwarization, radio and mobile networks, cloud brokering, security as a service, security policies enforcement in 5G and IoT systems, detection and remediation related cybersecurity topics.

SDN & NFV : new security challenges & expected transformation

Beyond “softwarization” and virtualization, 5G is coming with potentially more technical and architectural disruptions which in turn, result in resilience issues. Slicing is a promise of ultimate abstraction of the system & service complexity. One may pay attention to the dependencies, responsibilities and control perimeter/authority impacting service level delivered at the end.

The 5G scope can’t be wider as it combines any type of networking segments, the convergence with Information Technologies infrastructure and technologies as well as Operational Technologies coming from vertical markets. It means that the horizontal integration (End-to-End), and the vertical one across remaining layers plus the unprecedented tenant slices is becoming a pre-requisite.

Assuming that we are just at the beginning of the 5G era a set of challenges will be introduced as the new needs in terms of regulation/certification, the new threats inherent to the 5G architectures such as slicing and underlying technologies. The emerging and promising Software Defined Security will be put in perspective covering various security aspects from protection towards remediation as well as other research directions in security impacting the development and deployment of SDN/NFV.