A security-aware service function chain deployment method for load balance and delay optimization.

Network function virtualization (NFV) decouples network functions from hardware devices. However, it introduces security challenges due to its reliance on software, which facilitates attacks. This security problem has a significant negative impact on the interests of users. Existing deployment methods are not suitable for SFC requests with a security demand, causing the use of substrate resources unreasonable and lower acceptance ratio. Moreover, a strict delay requirement is another challenge for NFV. To make the use of the substrate resources more reasonable and reduce the transmission delay, this paper proposes a security-constraint and function-mutex-constraint consolidation (SFMC) method for virtual network function (VNF) to reduce resource consumption and transmission delay. In addition, a security-aware service function chain (SASFC) deployment method for load balance and delay optimization is presented, which deploys service function chains according to the consolidated results of the SFMC method. The SASFC method first obtains a candidate server node set using resource, hosting capacity, security and node load constraints. It then obtains candidate paths according to the metric of the minimum transmission delay and link load constraint using the Viterbi algorithm. Finally, the path with the highest VNF security level match degree among the candidate paths is adopted to deploy virtual links, and the corresponding server nodes are employed to deploy VNFs. As a result, the SASFC method makes the use of substrate resources more reasonable. It improves the acceptance ratio and long-term average revenue to cost ratio, reduces transmission delay, and achieves load balancing. Experiment results show that when the number of VNFs is five, the acceptance ratio and long-term average revenue to cost ratio of the SASFC method are close to 0.75 and 0.88, which are higher than those of the compared methods. Its transmission delay and proportion of bottleneck nodes are 7.71 and 0.024, which are lower than those of the compared methods. The simulations demonstrate the effectiveness of the SASFC method.