LTSS: Load-Adaptive Traffic Steering and Forwarding for Security Services in Multi-Tenant Cloud Datacenters

Xue Kai Du, Zhi Hui Lu, Qiang Duan, Jie Wu, Cheng Rong Wu

Research output: Contribution to journalArticle

Abstract

Currently, different kinds of security devices are deployed in the cloud datacenter environment and tenants may choose their desired security services such as firewall and IDS (intrusion detection system). At the same time, tenants in cloud computing datacenters are dynamic and have different requirements. Therefore, security device deployment in cloud datacenters is very complex and may lead to inefficient resource utilization. In this paper, we study this problem in a software-defined network (SDN) based multi-tenant cloud datacenter environment. We propose a load-adaptive traffic steering and packet forwarding scheme called LTSS to solve the problem. Our scheme combines SDN controller with TagOper plug-in to determine the traffic paths with the minimum load for tenants and allows tenants to get their desired security services in SDN-based datacenter networks. We also build a prototype system for LTSS to verify its functionality and evaluate performance of our design.

Original languageEnglish (US)
Pages (from-to)1265-1278
Number of pages14
JournalJournal of Computer Science and Technology
Volume32
Issue number6
DOIs
StatePublished - Nov 1 2017

Fingerprint

Intrusion detection
Cloud computing
Traffic
Controllers
Software
Firewall
Plug-in
Intrusion Detection
Cloud Computing
Choose
Prototype
Verify
Controller
Path
Resources
Evaluate
Requirements

All Science Journal Classification (ASJC) codes

  • Software
  • Theoretical Computer Science
  • Hardware and Architecture
  • Computer Science Applications
  • Computational Theory and Mathematics

Cite this

@article{89eb0b55b9a34777b4395a3124031dad,
title = "LTSS: Load-Adaptive Traffic Steering and Forwarding for Security Services in Multi-Tenant Cloud Datacenters",
abstract = "Currently, different kinds of security devices are deployed in the cloud datacenter environment and tenants may choose their desired security services such as firewall and IDS (intrusion detection system). At the same time, tenants in cloud computing datacenters are dynamic and have different requirements. Therefore, security device deployment in cloud datacenters is very complex and may lead to inefficient resource utilization. In this paper, we study this problem in a software-defined network (SDN) based multi-tenant cloud datacenter environment. We propose a load-adaptive traffic steering and packet forwarding scheme called LTSS to solve the problem. Our scheme combines SDN controller with TagOper plug-in to determine the traffic paths with the minimum load for tenants and allows tenants to get their desired security services in SDN-based datacenter networks. We also build a prototype system for LTSS to verify its functionality and evaluate performance of our design.",
author = "Du, {Xue Kai} and Lu, {Zhi Hui} and Qiang Duan and Jie Wu and Wu, {Cheng Rong}",
year = "2017",
month = "11",
day = "1",
doi = "10.1007/s11390-017-1799-7",
language = "English (US)",
volume = "32",
pages = "1265--1278",
journal = "Journal of Computer Science and Technology",
issn = "1000-9000",
publisher = "Springer New York",
number = "6",

}

LTSS : Load-Adaptive Traffic Steering and Forwarding for Security Services in Multi-Tenant Cloud Datacenters. / Du, Xue Kai; Lu, Zhi Hui; Duan, Qiang; Wu, Jie; Wu, Cheng Rong.

In: Journal of Computer Science and Technology, Vol. 32, No. 6, 01.11.2017, p. 1265-1278.

Research output: Contribution to journalArticle

TY - JOUR

T1 - LTSS

T2 - Load-Adaptive Traffic Steering and Forwarding for Security Services in Multi-Tenant Cloud Datacenters

AU - Du, Xue Kai

AU - Lu, Zhi Hui

AU - Duan, Qiang

AU - Wu, Jie

AU - Wu, Cheng Rong

PY - 2017/11/1

Y1 - 2017/11/1

N2 - Currently, different kinds of security devices are deployed in the cloud datacenter environment and tenants may choose their desired security services such as firewall and IDS (intrusion detection system). At the same time, tenants in cloud computing datacenters are dynamic and have different requirements. Therefore, security device deployment in cloud datacenters is very complex and may lead to inefficient resource utilization. In this paper, we study this problem in a software-defined network (SDN) based multi-tenant cloud datacenter environment. We propose a load-adaptive traffic steering and packet forwarding scheme called LTSS to solve the problem. Our scheme combines SDN controller with TagOper plug-in to determine the traffic paths with the minimum load for tenants and allows tenants to get their desired security services in SDN-based datacenter networks. We also build a prototype system for LTSS to verify its functionality and evaluate performance of our design.

AB - Currently, different kinds of security devices are deployed in the cloud datacenter environment and tenants may choose their desired security services such as firewall and IDS (intrusion detection system). At the same time, tenants in cloud computing datacenters are dynamic and have different requirements. Therefore, security device deployment in cloud datacenters is very complex and may lead to inefficient resource utilization. In this paper, we study this problem in a software-defined network (SDN) based multi-tenant cloud datacenter environment. We propose a load-adaptive traffic steering and packet forwarding scheme called LTSS to solve the problem. Our scheme combines SDN controller with TagOper plug-in to determine the traffic paths with the minimum load for tenants and allows tenants to get their desired security services in SDN-based datacenter networks. We also build a prototype system for LTSS to verify its functionality and evaluate performance of our design.

UR - http://www.scopus.com/inward/record.url?scp=85037374842&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85037374842&partnerID=8YFLogxK

U2 - 10.1007/s11390-017-1799-7

DO - 10.1007/s11390-017-1799-7

M3 - Article

AN - SCOPUS:85037374842

VL - 32

SP - 1265

EP - 1278

JO - Journal of Computer Science and Technology

JF - Journal of Computer Science and Technology

SN - 1000-9000

IS - 6

ER -