Enterprise applications are increasingly being migrated to the cloud. The central challenge in cloud-based enterprise operations is ensuring that enterprises can control key aspects of their communication such as security and performance, and service providers can offer the right primitives to meet customer requirements. The proposed CloudNet framework will optimally accommodate diverse needs of both enterprises and cloud providers.

The project leverages a large GENI-based experimentation framework. Cloud providers, WAN, enterprise servers and clients are mapped to campus OpenFlow networks, Internet2 and Supercharged PlanetLab, PlanetLab and the CMULab wireless emulator, respectively. The experiment explores the effectiveness and trade-offs of key techniques in CloudNet.

Broader impacts of the proposed research include enabling sophisticated enterprise applications that offer a rich user experience while also accounting for performance, security and privacy. The proposed work will highlight how providers can build rich cloud-based services. The research will be integrated into undergraduate and graduate curricula.

Project Report

Cloud computing is an emerging model for the delivery and consumption of IT resources. Given the economic appeal and agility of this model, both small and large companies are increasingly leveraging cloud computing for their workloads. Despite this growing adoption, however, key challenges remain when migrating line-of-business production applications, including a lack of fine-grained security, privacy, and audit compliance, as well as unpredictable performance and poor reliability. To address these challenges, this project has developed three systems:

(1) CloudNaaS: a networking framework that extends the self-service provisioning model of the cloud beyond virtual servers and storage to include a rich set of accompanying network services. CloudNaaS gives customers deploying their applications on the cloud access to virtual network functions such as network isolation, custom addressing, service differentiation, and the ability to easily deploy a variety of middlebox appliances to provide functions such as intrusion detection, caching, or application acceleration.

(2) Stratos: a system that provides abstractions for tenants to specify rich chains of virtual appliances, or middleboxes, to meet a variety of security and compliance needs, and automatically deploys and scales middleboxes in a way that maximizes performance, minimizes cost, and efficiently uses a provider's network. Stratos can be deployed by providers of public or private infrastructure-as-a-service (IaaS) clouds, providers or vendors interested in offering middleboxes-as-a-service, or network providers interested in network functions virtualization.

(3) VND: a highly scalable and rich framework that enables a cloud provider to offer sophisticated virtual network diagnosis as a service to its tenants.

The intellectual merit of this work lies in it being the first ever collection of systems to comprehensively address the needs of enterprise network deployments in the cloud today. It directly impacts both enterprises and cloud providers. The broader impacts lie in furthering the state of the art in cloud infrastructure, robustness and security, in the training of graduate and undergraduate students in cloud computing and software-defined networks, and in transferring results from research into teaching and industry.

Agency: National Science Foundation (NSF)
Institute: Division of Computer and Network Systems (CNS)
Type: Standard Grant (Standard)
Application #: 1050170
Program Officer: Joseph Lyles
Project Start:
Project End:
Budget Start: 2010-08-15
Budget End: 2013-12-31
Support Year:
Fiscal Year: 2010
Total Cost: $144,764
Indirect Cost:
Name: University of Wisconsin Madison
Department:
Type:
DUNS #:
City: Madison
State: WI
Country: United States
Zip Code: 53715