The advent of IoT devices has revolutionized various industries by generating vast amounts of data from sensors, devices, and applications. Industrial internet of things: Challenges, opportunities, and directions. To process these data efficiently, SDNFV architectures have emerged as a promising solution, offering flexible and scalable data processing capabilities. These architectures combine the principles of Software-Defined Networking (SDN) and Network Function Virtualization (NFV) to enable dynamic network management and virtualized network functions. However, as the volume and complexity of IoT data increase, ensuring robust security and accommodating scalability remain key challenges.

The security of data transmitted and processed within SDNFV architectures is of paramount importance. SDNFV based threat monitoring and security framework for multi-access edge computing infrastructure. Mobile Networks and Applications, With the transmission of sensitive information over networks, data privacy, and confidentiality are critical concerns. Furthermore, the potential for unauthorized access, data breaches, and malicious attacks pose significant risks. It is essential to incorporate robust security measures to protect the data and maintain the integrity of the system .

As the number of IoT devices and the volume of generated data continues to grow, scalability becomes a crucial requirement for SDNFV architectures. Traditional centralized architectures face limitations in terms of processing capacity, bandwidth utilization, and latency . To overcome these limitations, the SDNFV model needs to be expanded to accommodate multiple edge nodes capable of distributed data processing. Efficient load balancing and resource management techniques are necessary to optimize resource utilization and maintain system performance.

The main objective of this research paper is to propose an enhanced SDNFV model that addresses the challenges of security and scalability in IoT data processing. The contributions of this paper are as follows:

The enhanced model incorporates encryption algorithms to ensure data confidentiality and integrity during transmission. Authentication mechanisms such as digital certificates or biometric verification methods are implemented to prevent unauthorized access.

The proposed model expands the SDNFV architecture to include multiple edge nodes. This allows for distributed data processing and workload sharing, leading to improved scalability and resource use.

Evaluation and Analysis: Extensive simulations were conducted to evaluate the performance of the enhanced SDNFV model. Comparative analysis with existing architectures was performed to demonstrate the advantages and effectiveness of the proposed enhancements.

A reference architecture for IoT regarding the standard framework European Telecommunications Standards Institute management and orchestration (ETSI MANO) has been proposed by Cerroni et al. For the purpose of managing and orchestrating IoT networks of different gadgets. This architecture has distinct virtual infrastructure managers (VIMs) for each SDN and IoT. A softwarization-based IoT healthcare system was presented by Salahuddin et al. The proposed design makes the smart healthcare system secure and flexible. Along with SDN and NFV, it uses blockchain and Tor. The focus of this work is on the healthcare system and how it can benefit from softwarization and blockchain while remaining secure. This work is conceptual because there is no simulation or implementation to verify the findings. The architecture described in this paper is used by both wireless sensor networks (WSNs) and unmanned aerial vehicles (UAVs), two examples of applications that fall under the internet of things. In order to get over the restrictions imposed by traditional networks and fully utilize the general resource pool made available by virtualization as well as cloud computing services, this study builds a software virtualization architecture combining NFV and SDN. Bypassing the constraints imposed by traditional networks, this effort aims to fully utilize the general resource pool made available by virtualization and cloud computing services. In order to personalize switch behavior in SDN networks, Caraguay et al. Suggested utilizing SDN/NFV for IoT networks. Their suggested architecture excludes IoT network architecture and merely mixes NFV and SDN technologies. In this study, video streaming between hosts was used to test the quality of service (QoS) in an SDN network using the Mininet SDN simulation and the Floodlight controller. Acharyya and Al-Anbuky's Proposed architecture incorporates the demands of demand services through interaction between a physical and virtual sensor network. This IoT architecture is designed to be remotely administered via servers or the cloud. The SDN-IoT architecture with NFV implementation presented by Ojo et al. can improve the scalability, mobility, and efficiency of the IoT network. With regard to the virtualization of the IoT framework, its proposed architecture is based on the SD-IoT architecture. As an IoT architecture for disaster management, Mouradian et al. offer distributed IoT gateways that leverage NVF and SDN. This architecture facilitates managing traffic between gateways and reusing them. To solve challenges with IoT networks, Alenezi et al. combined two architectures of SDN and NFV. The suggested design facilitates the usage of COTS devices to perform a range of services and tasks. This study examines the costs associated with employing various network technologies, including both regular 4G and softwarization networks. The work suggested by Farris et al. integrates SDN and NFV elements to eliminate security risks in IoT. The proposed framework is intended to provide security protection mechanisms by integrating existing IoT security mechanisms with softwarized services from NFVs and SDNs. Through the orchestration layer, it facilitates communication with multiple security technologies. DistBlackNet, a secure NFV and Black SDN-IoT architecture for smart cities, was presented by Islam et al. This architecture is based on the SDN-IoT architecture with the addition of NFV as an enhancement. With the use of distributed controllers, it is more efficient at creating clusters, which results in some advantages such as secrecy, integrity, and energy savings . To support IoT applications for smart cities, Mukherjee et al. suggested an architecture of SDN-IoT with the introduction of NFVs. This paper introduces clustering as a useful strategy with lower power consumption for effectively managing the IoT network. The network is made more effective and flexible by the suggested architecture, which also facilitates the deployment of controllers. In order to replace the physical IoT devices with virtual ones, Atzori et al. proposed the idea of "smart device-as-a-service". Scalability, flexibility, and reuse are some of the virtualized services for physical devices that are claimed to be improved by SDaaS. This paper proposed the deployment of NFV infrastructure in the Fog environment to decrease the number of network hops An SDN/NFV-based IoT architecture was proposed by Zarca et al. IoT network security is managed using the proposed architecture framework. It responds quickly to IoT security risks and assaults. Omnes et al. proposed an IoT architecture is multi-layered with NFV and SDN. The authors claim that the suggested design can handle and remove IoT network issues. Virtual network functions (VNF) services are handled by virtualization infrastructure for this purpose, and NFV offers a virtualized framework and orchestration . SDN is utilized to build communication between virtualized functions as well as to address the service infrastructure. The performance of 6LoWPAN for IoT devices utilizing the SDN paradigm was examined by Setiawan et al. The open network operating system (ONOS) controller (IoT) and mininet-IoT emulator are used to analyze the QoS. Several topologies comprising a host, switch, and cluster were assessed for their performance. This study investigates how to assess QoS performance in an advanced IoT system with complex topologies and numerous hosts. Several studies have investigated security measures in SDNFV architectures to protect data privacy and prevent unauthorized access . Chen et al. proposed a security framework for SDN-based NFVs, which incorporated encryption techniques to secure communication channels and ensure the confidentiality of transmitted data. They also employed access control mechanisms to prevent unauthorized access to virtualized network functions. To address security vulnerabilities in SDNFV architectures, et al. (2018) proposed a lightweight intrusion detection system (IDS) that leveraged machine learning techniques to detect anomalous behavior within the network . By monitoring network traffic and identifying potential threats, their approach enhanced the security of the SDNFV environment. In the context of secure data transmission, Wu et al. proposed a privacy-preserving scheme for SDNFV architectures, which employed cryptographic techniques such as homomorphic encryption and secure multiparty computation. Their approach enabled secure data processing without compromising privacy. Scalability is a crucial aspect of SDNFV architectures, particularly in the context of accommodating the increasing number of IoT devices and the growing volume of data . To address scalability challenges, several approaches have been proposed. Li et al. proposed a scalable architecture for SDN-enabled NFV, which leveraged hierarchical network management and distributed resource allocation. Their approach allowed for efficient resource utilization by dynamically provisioning network functions based on demand, thereby enhancing the scalability of the SDNFV system. To improve the scalability of SDNFV architectures, Nguyen et al. (2020) proposed a load balancing mechanism that distributed the workload among multiple edge nodes. Their approach dynamically allocated processing tasks based on node capabilities and workload conditions, ensuring efficient utilization of resources and enhancing overall system performance . Furthermore Li et al proposed a scalable SDNFV architecture that utilized edge computing resources to offload processing tasks from the centralized cloud center. Their approach employed intelligent task scheduling algorithms and efficient resource management techniques to distribute the workload and reduce latency, thus achieving enhanced scalability. Recognizing the interplay between security and scalability, some studies have explored the integration of both aspects in SDNFV architectures. For example, Xiong et al. (2019) proposed a security-aware scalability framework that employed dynamic scaling of network functions based on security requirements. Their approach considered security factors such as traffic analysis and threat detection in scaling decisions, ensuring both security and scalability in the SDNFV environment. Building upon the existing research in the field, our proposed approach aims to enhance security and scalability in SDNFV architectures by incorporating encryption and authentication mechanisms and supporting multiple edge nodes. By integrating robust security measures and enabling distributed data processing, our approach seeks to address the challenges associated with data privacy and processing capacity in IoT environments. To assess the effectiveness of our proposed enhancements, we conduct extensive simulations and compare the performance of the enhanced SDNFV model with existing architectures. We evaluate key performance metrics such as data transmission time, resource utilization, security effectiveness, and scalability. Through comparative analysis, we demonstrate the advantages and significance of our proposed approach.

In the proposed enhanced SDNFV model, several security features are incorporated to ensure the confidentiality, integrity, and authenticity of the data transmitted and processed within the architecture. These security features include:

Data encryption is a fundamental security measure employed in the model. Before transmitting data from the edge nodes to the cloud center, it is encrypted using strong encryption algorithms. Encryption ensures that the data is transformed into an unreadable format, making it difficult for unauthorized entities to intercept or understand the information. Only authorized parties with appropriate decryption keys can access and decipher the encrypted data. When data is generated at the edge nodes, it undergoes encryption before being transmitted to the cloud center for further processing. This encryption process ensures that even if the data is intercepted during transmission, it remains protected and unintelligible to unauthorized entities.

Authentication mechanisms are implemented to establish secure communication channels and verify the identities of the entities involved in the SDNFV architecture. This ensures that only trusted and authorized devices or users can access and interact with the system. Common authentication mechanisms include the use of digital certificates, where devices or users present a valid certificate to prove their identity, or biometric verification methods, which rely on unique physical or behavioral characteristics for authentication.

By supporting multiple edge nodes, the proposed enhanced SDNFV model improves the overall scalability and resource use of the architecture. The distributed nature of data processing enables faster response times, reduce network congestion, and provides a more resilient system. The expansion to multiple edge nodes enhances the architecture's ability to handle large-scale deployments and effectively process IoT data in a distributed and scalable manner. By implementing distributed data processing, the proposed enhanced SDNFV model achieves efficient and scalable data analysis. The proximity of edge nodes to the data sources, coupled with parallel processing and task coordination, enables faster and more accurate insights from the data. This distributed approach enhances the architectures performance, reduces processing time, and enables real-time or near-real-time data analytics in SDNFV environments.

By incorporating robust communication and coordination mechanisms, the proposed enhanced SDNFV model ensures efficient collaboration, data exchange, and decision-making between the edge nodes and the cloud center. Real-time communication, task scheduling, data replication, and synchronization techniques contribute to the overall performance, responsiveness, and reliability of the distributed architecture. Effective communication and coordination are critical for achieving seamless integration and realizing the full potential of SDNFV in edge computing environments.

By conducting a comprehensive evaluation and analysis, the proposed enhanced SDNFV model can be validated, and its advantages in terms of performance, security, scalability, and resource utilization can be demonstrated. The evaluation results provide valuable insights for further refinement, optimization, and potential adoption of the model in practical edge computing environments.

The software known as SDN controller is deployed on the control plane of SDN and is in charge of managing network traffic. It will function on COTS hardware. Data transport according to regulations is done by the data plane. The rules are managed via API by the SDN controller working with NFV VNFs at the edge. It is unable to access the API directly. As a result, data processing and scalability both increases. The primary goal of this effort is traffic control through monitoring data transfers from clouds to IoT devices and vice versa.

Figure 1 shows a detailed overview of our proposed architecture. It consists of three layers: application, control, and infrastructure. The first layer is responsible for network services at the cloud data center. These services communicate to the control plane of the SDN second layer called control layer through the open SDN orchestrator. In this proposed work, an SDN controller called Ryu is used. Ryu is an open source structure created by NTT and written in Python. It supports OpenFlow, OF-Cong, and NETCONF. The SDN control plane is in charge of the traffic control in the application layer.

The edge nodes directly communicate with the end devices. They communicate with the application layer through the SDN controller. Accordingly, the latency will be reduced, and data processing will be increased. SDN's main feature is the division of the control and forwarding planes.

Secure communication channels in the context of SDN-NFV technology on edge nodes refer to the establishment of protected connections between different components and entities involved in the system. These channels ensure the confidentiality, integrity, and authenticity of the transmitted data. Here's a description of secure communication channels in SDN-NFV technology on the edge, focusing on security and scalability:

Secure Socket Layer/Transport Layer Security (SSL/TLS): SSL/TLS protocols provide secure communication between components by encrypting data in transit. They ensure the confidentiality and integrity of data exchanged between edge nodes and the orchestrator. SSL/TLS also allows for mutual authentication, verifying the identities of both communicating parties.

The secure Socket Layer (SSL) and its successor Transport Layer Security (TLS) are cryptographic protocols that provide secure communication over a network. Here are the key features and benefits of SSL/TLS in ensuring secure communication between edge nodes and the orchestrator in the context of SDN-NFV:

Encryption: SSL/TLS protocols use encryption algorithms to encrypt the data exchanged between edge nodes and the orchestrator. This ensures that the transmitted data remain confidential and cannot be intercepted or read by unauthorized entities.

Data Integrity: SSL/TLS employs cryptographic hashing and integrity checks to ensure that the data received at the destination is unchanged during transit. Any tampering or modifications to the data can be detected, ensuring data integrity. Authentication SSL/TLS supports mutual authentication, allowing both the edge nodes and the orchestrator to verify each other's identities. This prevents unauthorized entities from impersonating either party and ensures that the communication is established only with trusted entities.

Certificate-Based Authentication SSL/TLS utilizes digital certificates to verify the authenticity of the communicating parties. Certificates are issued by trusted certificate authorities (CAs) and contain public keys that are used to verify the identity of the certificate holder. This mechanism helps in establishing a secure and trusted connection between the edge nodes and the orchestrator.

Trust and Chain of Trust: SSL/TLS relies on a chain of trust, where the validity of a digital certificate is verified through a series of certificate authorities. This ensures that each certificate in the chain is issued by a trusted authority, establishing the trustworthiness of the connection.

Widely Adopted and Supported: SSL/TLS is widely adopted and supported by various platforms, applications, and web browsers. This ensures interoperability and compatibility, allowing secure communication between different systems and components. Forward Secrecy: SSL/TLS protocols support forward secrecy, which means that even if the private key of a certificate is compromised in the future, past communications remain secure. This is achieved through the use of ephemeral key exchange mechanisms. Using SSL/TLS protocols in the SDN-NFV environment, edge nodes can securely communicate with the orchestrator, protecting the confidentiality and integrity of data while ensuring mutual authentication and trust between the communicating parties.

The evaluation of the proposed enhanced SDNFV model with security features, support for multiple edge nodes, and distributed data processing can be conducted using a combination of simulation and experimentation. The following methodology outlines the steps involved in evaluating the model:

1) Simulation Setup: A simulation environment is set up using appropriate tools or frameworks. The simulation environment should closely resemble the real-world SDNFV architecture and include components such as edge nodes, cloud center, network infrastructure, and communication channels. Realistic workload patterns, data sources, and network conditions are considered in the simulation setup.

2) Workload Generation: Workloads are generated based on real-world scenarios or synthetic data. The workloads should represent a range of data volumes, types, and processing requirements. The workload generation considers factors such as data arrival rates, processing complexities, and distribution patterns to create realistic scenarios for evaluating the model's performance.

3) Implementation and Configuration: The proposed enhanced SDNFV model, including its security features, multiple edge nodes, and distributed data processing components, is implemented and configured in the simulation environment. The security mechanisms, data encryption, authentication mechanisms, load balancing algorithms, and resource management techniques are properly configured to reflect the intended functionality of the model.

4) Performance Metrics Collection: During the simulation runs, various performance metrics are collected to evaluate the model's performance. These metrics may include response time, throughput, latency, resource utilization, data processing speed, and energy consumption. The performance metrics are measured for different workload levels and network conditions to assess the model's performance under varying scenarios.

5) The security Evaluation: The security features incorporated in the model are evaluated using appropriate methods. Penetration testing, vulnerability assessment, and analysis of encryption and authentication mechanisms are performed to assess the effectiveness of the security measures in safeguarding the system and data.

6) Comparative Analysis: The proposed enhanced SDNFV model is compared with existing architectures and approaches in terms of performance, security, scalability, and resource utilization. The comparative analysis highlights the advantages and improvements of the proposed model over the existing solutions. Key factors such as architecture complexity, implementation overhead, deployment flexibility, and adaptability to different use cases are considered in the comparison.

7) Results Analysis: The collected performance metrics and comparative analysis results are analyzed to evaluate the model's effectiveness and validate its advantages. The results are presented in the form of graphs, charts, and statistical analyses to provide a comprehensive understanding of the model's performance, scalability, and security features.

The simulation results should include the performance metrics and comparative analysis to assess the proposed enhanced SDNFV model.

1) Performance Metrics: Performance metrics collected during the simulation runs are presented, including response time, throughput, latency, resource utilization, data processing speed, and energy consumption. These metrics are analyzed under different workload levels and network conditions to assess the model's performance and scalability. Graphs and charts can be used to visualize the results and identify performance trends.

2) The security Evaluation: The results of the security evaluation, including penetration testing, vulnerability assessment, and analysis of encryption and authentication mechanisms, are presented. The evaluation highlights the effectiveness of the security measures implemented in the model and provides insights into the systems resilience against security threats.

3) Comparative Analysis: The comparative analysis results are presented to demonstrate the advantages of the proposed enhanced SDNFV model over existing architectures and approaches. The analysis should include factors such as performance, security, scalability, and resource utilization. Graphs, charts, and statistical comparisons can be used to illustrate the superiority of the proposed model.

4) Case Studies: If applicable, case studies or use cases can be presented to showcase the practical application of the proposed model in specific domains or industries. The case studies provide real-world examples and validate the models effectiveness in solving specific challenges or meeting specific requirements.

The simulation results and analysis should be presented in a clear and concise manner, providing a comprehensive evaluation of the proposed enhanced SDNFV model. The results should support the claims made in the research paper and demonstrate the models performance, security, scalability, and advantages over existing approaches.

The discussion of Findings:

The evaluation and analysis of the proposed enhanced SDNFV model with security features, support for multiple edge nodes, and distributed data processing have yielded several important findings. These findings highlight the advantages and significance of the proposed enhancements. The following points summarize the key findings and their implications:

1) Improved Performance: The simulation results demonstrate that the proposed model exhibits improved performance compared to existing architectures. The performance metrics, such as response time, throughput, and latency, show significant enhancements due to the incorporation of efficient communication and coordination mechanisms. The distributed data processing capabilities enable faster data processing and reduced dependency on the cloud center, resulting in improved overall system performance.

2) Enhanced Security: The security evaluation reveals that the incorporated security features, such as data encryption and authentication mechanisms, effectively protect the system and data from unauthorized access and breaches. The proposed model demonstrates robust security measures, ensuring the integrity and confidentiality of sensitive information. This enhanced security contributes to the trustworthiness and reliability of the SDNFV architecture, making it suitable for applications with stringent security requirements.

3) Scalability and Flexibility: The model's ability to support multiple edge nodes and dynamically manage resources is a significant advantage. Load balancing and resource management techniques ensure efficient resource utilization and scalability. The model can seamlessly accommodate increasing workloads and dynamically allocate resources based on demand, leading to better use of edge node capabilities and improved system scalability.

4) Distributed Data Processing: The evaluation of distributed data processing in the model reveals its effectiveness in handling large volumes of data and complex processing tasks. The use of edge nodes for data processing reduces the latency and network congestion associated with transmitting data to the cloud center. The simulation results demonstrate faster data processing speeds and improved overall system throughput, making the model suitable for latency-sensitive applications.

5) Comparative Analysis: The comparative analysis highlights the advantages of the proposed enhanced SDNFV model over existing approaches. The model outperforms traditional centralized architectures in terms of performance, security, scalability, and resource use. The distributed nature of the model allows for the efficient utilization of edge computing resources, reduces reliance on the cloud center, and improves overall system responsiveness.

6) Practical Relevance: The case studies or use cases presented in the evaluation emphasize the practical relevance and significance of the proposed enhancements. The model proves effective in various domains and industries, showcasing its versatility and adaptability to different application scenarios. The findings demonstrate that the proposed model can address real-world challenges and provide practical solutions for edge computing environments.

Overall, the findings of the evaluation highlight the advantages and significance of the proposed enhancements to the SDNFV architecture. The improved performance, enhanced security, scalability, and distributed data processing capabilities make the model well-suited for edge computing environments. The findings validate the effectiveness of the proposed enhancements and provide valuable insights for researchers, practitioners, and organizations looking to leverage SDNFV for secure and scalable edge computing solutions.

In this research paper, we proposed an enhanced SDNFV model that incorporates security features, supports multiple edge nodes, and enables distributed data processing. The evaluation and analysis of the proposed model have demonstrated several significant contributions and advantages. Firstly the enhanced SDNFV model exhibited improved performance compared to existing architectures. The incorporation of efficient communication and coordination mechanisms, along with distributed data processing capabilities, resulted in reduced response times, increased throughput, and improved overall system performance. Second, the security features integrated into the model effectively safeguarded the system and data. The use of data encryption and authentication mechanisms ensured the integrity and confidentiality of sensitive information, making the model suitable for applications with stringent security requirements. Thirdly the support for multiple edge nodes and resource management techniques enhanced the model's scalability and flexibility. The load balancing algorithms and dynamic resource allocation mechanisms optimized resource utilization, enabling the model to seamlessly handle increasing workloads and adapt to changing demands. Moreover, the distributed data processing capabilities reduced latency and network congestion, resulting in faster data processing speeds and improved overall system throughput. The model demonstrated its suitability for latency-sensitive applications and showcased its ability to efficiently process large volumes of data. Despite the significant contributions, there are some limitations to consider. The proposed model's performance and effectiveness may vary depending on the specific edge computing environment and the characteristics of the workload. Additionally, the evaluation was primarily conducted through simulations, which may not fully capture real-world complexities and dynamics.

To address these limitations and open avenues for future research, several directions can be explored. First, conducting real-world experiments and deploying the enhanced SDNFV model in practical edge computing environments would provide more comprehensive insights into its performance and practical implications.

Secondly, further research can focus on optimizing the models resource management techniques, load balancing algorithms, and distributed data processing mechanisms. Enhancing these aspects can lead to even better resource utilization, system performance, and scalability.

Additionally, the security features of the model can be further expanded and evaluated against emerging security threats and vulnerabilities in edge computing environments. Exploring advanced encryption techniques, authentication mechanisms, and intrusion detection systems would strengthen the model's security capabilities.

Moreover, investigating the economic aspects and cost-effectiveness of deploying the enhanced SDNFV model would provide a holistic understanding of its practical viability and potential cost savings compared to alternative solutions.

In conclusion, the proposed enhanced SDNFV model has demonstrated its advantages in terms of performance, security, scalability, and distributed data processing. The findings of this research paper contribute to the advancement of SDNFV architectures and provide valuable insights for researchers and practitioners in the field of edge computing. By addressing the limitations and exploring future research directions, we can further enhance the models capabilities and its applicability to diverse edge computing scenarios.

The authors declare no conflicts of interest.