@INPROCEEDINGS{Tao1906:Policy,
  AUTHOR="Xu Tao and Flavio Esposito and Alessio Sacco and Guido Marchetto",
  TITLE="A {Policy-Based} Architecture for Container Migration in Software Defined Infrastructures",
  BOOKTITLE="2019 IEEE Conference on Network Softwarization (NetSoft) (NetSoft 2019)",
  ADDRESS="Paris, France",
  DAYS=23,
  MONTH=jun,
  YEAR=2019,
  KEYWORDS="software defined networking; container migration; moving target defense",
  ABSTRACT="Software-Defined Networking (SDN) is a paradigm that enables easier network programmability based on separation between network control plane and data plane. Network Function Virtualization (NFV) is another recent technology that has enabled the design, deployment, and management of softwarized networking services. The vast majority of SDN and NFV based architectures, whether they use Virtual Machines (VMs) or Lightweight Virtual Machines (LVMs), are designed to program forwarding, probably the most fundamental among all network mechanisms. In this paper instead we demonstrated that there are other (as important) networking mechanisms that need programmability. In particular, we designed, implemented and extensively tested an architecture that enables policy-programmability of (live) migration of LVMs. Migration is used for maintenance, load balancing, or as a security mechanism in what is called Moving Target Defence (a virtual host migrates to hide from an attacker). Our architecture is based on Docker and it is implemented within a Software-Defined Infrastructure. The migration mechanism can be set easily by means of a configuration file, to make a novel policy-based architecture. We evaluated the performance of our system in several scenarios, over a local Mininet-based testbed. We analyzed the tradeoff between several Load Balancing policies as well as several Moving Target Defense solutions inspired by network coding."
}