Grasselli, Chiara
(2025)
Cross-domain network service management and orchestration, [Dissertation thesis], Alma Mater Studiorum Università di Bologna.
Dottorato di ricerca in
Computer science and engineering, 37 Ciclo. DOI 10.48676/unibo/amsdottorato/12201.
Documenti full-text disponibili:
![Grasselli_Chiara_thesis.pdf [thumbnail of Grasselli_Chiara_thesis.pdf]](https://amsdottorato.unibo.it/style/images/fileicons/application_pdf.png) |
Documento PDF (English)
- Richiede un lettore di PDF come Xpdf o Adobe Acrobat Reader
Disponibile con Licenza: Salvo eventuali più ampie autorizzazioni dell'autore, la tesi può essere liberamente consultata e può essere effettuato il salvataggio e la stampa di una copia per fini strettamente personali di studio, di ricerca e di insegnamento, con espresso divieto di qualunque utilizzo direttamente o indirettamente commerciale. Ogni altro diritto sul materiale è riservato.
Download (3MB)
|
Abstract
The introduction of virtualization and cloud computing technologies in the telco industry has significantly changed how network services are delivered. The Network Function Virtualization paradigm leverages these technologies to replace physical network appliances with software network functions decoupled from the hardware. Moreover, the emergence of software-defined approaches such as Software Defined Networking and programmable data plane has increased network programmability. Although the combination of these paradigms provides unprecedented flexibility, a seamless orchestration of all network components is required to meet the functional and performance requirements of different types of services. This thesis addresses the management and orchestration of network services with a cross-domain study, presenting the orchestration solutions implemented during the three years of PhD. The work exploits the capabilities offered by the mentioned technologies and studies the benefits and challenges of their application in different scenarios. First, this thesis focuses on 5G network slicing, reporting the design and implementation of a network slice for mission-critical communications. Then, it discusses the orchestration of an industrial network digital twin for cybersecurity testing in a realistic virtualized environment. Finally, it presents a novel orchestration system to deploy secure machine learning pipelines for near-real-time control of network services. Two solutions are considered to secure the communications between the agents composing the pipelines. The former exploits IPsec secure channels using a Distributed Ledger Technology network for key exchange. The latter proposes in-network encryption performed with P4 programmable switches.
Abstract
The introduction of virtualization and cloud computing technologies in the telco industry has significantly changed how network services are delivered. The Network Function Virtualization paradigm leverages these technologies to replace physical network appliances with software network functions decoupled from the hardware. Moreover, the emergence of software-defined approaches such as Software Defined Networking and programmable data plane has increased network programmability. Although the combination of these paradigms provides unprecedented flexibility, a seamless orchestration of all network components is required to meet the functional and performance requirements of different types of services. This thesis addresses the management and orchestration of network services with a cross-domain study, presenting the orchestration solutions implemented during the three years of PhD. The work exploits the capabilities offered by the mentioned technologies and studies the benefits and challenges of their application in different scenarios. First, this thesis focuses on 5G network slicing, reporting the design and implementation of a network slice for mission-critical communications. Then, it discusses the orchestration of an industrial network digital twin for cybersecurity testing in a realistic virtualized environment. Finally, it presents a novel orchestration system to deploy secure machine learning pipelines for near-real-time control of network services. Two solutions are considered to secure the communications between the agents composing the pipelines. The former exploits IPsec secure channels using a Distributed Ledger Technology network for key exchange. The latter proposes in-network encryption performed with P4 programmable switches.
Tipologia del documento
Tesi di dottorato
Autore
Grasselli, Chiara
Supervisore
Dottorato di ricerca
Ciclo
37
Coordinatore
Settore disciplinare
Settore concorsuale
Parole chiave
Network Service Orchestration, NFV, SDN, 5G Network Slicing, Digital Twin, P4
DOI
10.48676/unibo/amsdottorato/12201
Data di discussione
9 Aprile 2025
URI
Altri metadati
Tipologia del documento
Tesi di dottorato
Autore
Grasselli, Chiara
Supervisore
Dottorato di ricerca
Ciclo
37
Coordinatore
Settore disciplinare
Settore concorsuale
Parole chiave
Network Service Orchestration, NFV, SDN, 5G Network Slicing, Digital Twin, P4
DOI
10.48676/unibo/amsdottorato/12201
Data di discussione
9 Aprile 2025
URI
Statistica sui download
Gestione del documento: