Abstract:
Network softwarization and virtualization are making networks more and more dynamic,
opening the possibility of extremely fast reconfigurations and of enhanced automation in their management.
This enhanced dynamism is a great opportunity, for example for prompt reaction to security attacks or to changing demands from users,
but at the same time it introduces new challenges, such as how to guarantee that security policies are always correctly implemented
and that resources are used efficiently in such rapidly changing systems.
VEREFOO (VErified REfinement and Optimized Orchestration) is an approach for policy-based network security automation in virtualized networks,
developed at the Turin Polytechnic by the NetGroup (Computer Networks Group).
VEREFOO enables automatic refinement of security policies into network configurations, providing at the same time formally verified and optimized solutions.
The talk presents VEREFOO, by explaining how it works, by illustrating its state of the art,
i.e., all the major results already achieved, and by discussing the VEREFOO ongoing research activities.
