Optimal Security Risk Management Mechanism for the 5G Cloudified Infrastructure

Autor: Alagan Anpalagan, Isaac Woungang, Glaucio H. S. Carvalho, Issa Traore
Rok vydání: 2021
Předmět:
Zdroj: IEEE Transactions on Network and Service Management. 18:1260-1274
ISSN: 2373-7379
DOI: 10.1109/tnsm.2021.3057761
Popis: This work proposes an optimal security risk management mechanism to holistically minimize the risks of a Denial of Service (DoS) attack and Service Level Agreement (SLA) violations that might unfold at the 5G edge-cloud ecosystem. Using the Semi-Markov Decision Process framework, a cyber risk-aware controller is designed to optimally decide on the admission, placement, and migration of a service taking into consideration a user taxonomy and the service requirements. A new cost structure that balances the targeted security risks as well as the cost and the reward of a secure service provisioning is introduced to pave the way for a safe edge-cloud operation. To proactively restrict the population of untrusted users, we consider security controls in the form of a linear and an exponential cost functions and show that the former represents a more flexible and profitable pathway for a Mobile Network Operator to operate at the expense of an inflated security risk while the latter leads to the opposite outcome. Results show that the baseline mechanism might violate the SLA and expose the edge and the cloud to a DoS attack in levels that are 102, 1012, and 1014 times higher than those of the proposed controller.
Databáze: OpenAIRE