UCL Discovery
UCL home » Library Services » Electronic resources » UCL Discovery

Network Segmentation in the Cloud A Novel Architecture Based on UCC and IID

Jeuk, S; Salgueiro, G; Baker, F; Zhou, S; (2015) Network Segmentation in the Cloud A Novel Architecture Based on UCC and IID. In: Boutaba, R and Limam, N and Kantarci, B and Badonnel, R, (eds.) Proceedings of 4th International Conference on Cloud Networking (CloudNet), IEEE 2015. (pp. pp. 58-63). IEEE: Niagara Falls, ON, Canada. Green open access

[thumbnail of Zhou_Network Segmentation_Open.pdf]
Preview
Text
Zhou_Network Segmentation_Open.pdf - Accepted version

Download (462kB) | Preview

Abstract

Cloud Computing is known for its scalability, flexibility and on-demand workload creation. Today, cloud-enabled data centers utilize VLAN, VxLAN or GRE segmentations but these techniques, despite being widely deployed, have a variety of inherent technical and architectural limitations. In this paper we introduce a novel architecture leveraging UCC and IID for segmentation, rather than those traditionally used today (e.g., VLAN, VxLAN, etc.). The proposed architecture is entirely based on IPv6 and, for illustrative purposes only, is demonstrated using OpenStack as the cloud framework. This proposed reference architecture is based entirely on UCC and IID, two OpenStackindependent concepts, could easily be realized in outer cloud frameworks as well. UCC introduces cloud-specific traffic isolation within IPv6 extension headers. IIDs can be incorporated as a unique identifier within an IPV6 address to identify endpoints. The combination of both allows network devices to segregate traffic according to cloud service, cloud tenants and endpoint affiliation. Here, we highlight current shortcomings of existing segmentation techniques as well as define design considerations for the cloud framework in question (i.e. in this case OpenStack) to circumvent such limitations. The proposed architecture is depicted and explained in the context of a traffic flow example.

Type: Proceedings paper
Title: Network Segmentation in the Cloud A Novel Architecture Based on UCC and IID
Event: 4th IEEE International Conference on Cloud Networking (CloudNet)
Location: Niagara Falls, CANADA
Dates: 05 October 2015 - 07 October 2015
ISBN-13: 9781467395007
Open access status: An open access version is available from UCL Discovery
DOI: 10.1109/CloudNet.2015.7335280
Publisher version: http://dx.doi.org/10.1109/CloudNet.2015.7335280
Language: English
Keywords: Science & technology, technology, computer science, hardware & architecture, computer science, information systems, computer science.
UCL classification: UCL
UCL > Provost and Vice Provost Offices
UCL > Provost and Vice Provost Offices > UCL BEAMS
UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science
UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Computer Science
URI: https://discovery.ucl.ac.uk/id/eprint/1497044
Downloads since deposit
118Downloads
Download activity - last month
Download activity - last 12 months
Downloads by country - last 12 months

Archive Staff Only

View Item View Item