A Security-aware Network Function Sharing Model for 5G Slicing

Sharing Virtualized Network Functions (VNFs) among different slices in Fifth Generation (5G) is a potential strategy to simplify the system implementation and utilize 5G resources efficiently. In this paper, we propose a security-aware VNF sharing model for 5G networks. The proposed optimization model satisfies the service requirements of various slices, enhances slice security by isolating their critical VNFs, and enhances resource utilization of the underlying physical infrastructure. The model tries to systematically decide on sharing a particular VNF based on two groups of constraints; the first group of constraints is common assignment constraints used in the existing literature. The second group is the novel security constraints that we propose in this work; the maximum traffic allowed to be processed by the VNF and the exposure of the VNF to procedures sourced via untrusted users or access networks. This sharing problem is formalized to allow for procedure-level modeling that satisfies the requirements of slice requests in 5G systems. The model is tested using standard VNFs and procedures of the 5G system rather than generic ones. The numerical results of the model show the benefits and costs of applying the security constraints along with the network performance in terms of different metrics.