picture_1 picture_2 picture_3 picture_4 picture_5 picture_6 picture_7 picture_8

Customer Edge Switching Tutorial Session held in conjunction with IEEE TrustCom-15

August 20-22, 2015, Helsinki, Finland

Preliminary program

Customer Edge Switching (CES) is a novel network architecture aiming to improve Internet security by admitting all traffic only after policy negotiation between the receiver and the sender. CES introduces customer network edge nodes that execute the policies defined by the receiver and the sender. A CES node is a replacement of a Network Address Translator making it possible to unilaterally initiate flows to hosts in a private address space. It is also a cooperative stateful firewall that, in addition to admitting and dropping flows based on local rules, can make additional queries before the final admit/drop decision. All aspects of CES are policy controlled.

We propose to introduce CES as a part of 5G networking functionality. The justification is that 5G is expected to provide ultra-reliable communications in particular for machine-tomachine. The argument is that no network where legitimate services can fail due to malicious activity can be ultra-reliable. Malicious activity is inherently unpredictable. Therefore, the reliability of network service under failures due to malicious activity is undefined: one cannot even put a number on it.

The tutorial explains and demonstrates the concepts, the algorithms and the testing results of Customer Edge Switching and Real Gateway developed at the Comnet/ Aalto University. Our implementation is geared to comply with the concept of Software Defined Networking (SDN) and uses OpenFlow between the Control and the Data planes.


Prof. Raimo Kantola, Aalto University, Finland
Jesus Llorente Santos, Aalto University, Finland
Hammad Kabir, Aalto University, Finland


This tutorial will be held on the 21st and 22nd August 2015.


Please direct enquiries for the tutorial to Jesus Llorente Santos.

Aalto ELEC