End-to-end Security Architecture for Federated Cloud and IoT Networks

End-to-end Security Architecture for Federated Cloud and IoT Networks

Philippe Massonet, Laurent Deru, Amel Achour, Sebastien Dupont, Anna Levin, Massimo Villari :"End-to-end Security Architecture for Federated Cloud and IoT Networks". Proceedings 1st IEEE International Workshop on Federated Networking, Clouds and IoT (FENCI 2017), 31/05/2017, Hong Kong, China.

Date: 31 mai 2017

Publication: Publications scientifiques 


Ingénierie des systèmes IT complexes 

Evolutivité des systèmes embarqués et réseaux IoT 

A propos des projets


Smart Internet of Things (IoT) applications will rely on advanced IoT platforms that not only provide access to IoT sensors and actuators, but also provide access to cloud services and data analytics. Future IoT platforms should thus provide connectivity and intelligence. One approach to connecting IoT devices, IoT networks to cloud networks and services is to use network federation mechanisms over the internet to create network slices across heterogeneous platforms. Network slices also need to be protected from potential external and internal threats. In this paper we describe an approach for enforcing global security policies in the federated cloud and IoT networks. Our approach allows a global security to be defined in the form of a single service manifest and enforced across all federation network segments. It relies on network function virtualisation (NFV) and service function chaining (SFC) to enforce the security policy. The approach is illustrated with two case studies : one for a user that wishes to securely access IoT devices and another in which an IoT infrastructure administrator wishes to securely access some remote cloud and data analytics services.

lien vers la conférence