Lightweight edge authentication for software defined networks-Reference-Cited by-同舟云学术

Lightweight edge authentication for software defined networks

Published:2020-08-08 Issue:2 Volume:103 Page:291-311
ISSN:0010-485X
Container-title:Computing
language:en
Short-container-title:Computing

Author:

Almaini Amar^ORCID,Al-Dubai Ahmed^ORCID,Romdhani Imed^ORCID,Schramm Martin,Alsarhan Ayoub^ORCID

Abstract

AbstractOpenFlow is considered as the most known protocol for Software Defined Networking (SDN). The main drawback of OpenFlow is the lack of support of new header definitions, which is required by network operators to apply new packet encapsulations. While SDN’s logically centralized control plane could enhance network security by providing global visibility of the network state, it still has many side effects. The intelligent controllers that orchestrate the dumb switches are overloaded and become prone to failure. Delegating some level of control logic to the edge or, to be precise, the switches can offload the controllers from local state based decisions that do not require global network wide knowledge. Thus, this paper, to the best of our knowledge, is the first to propose the delegation of typical security functions from specialized middleboxes to the data plane. We leverage the opportunities offered by programming protocol-independent packet processors (P4) language to present two authentication techniques to assure that only legitimate nodes are able to access the network. The first technique is the port knocking and the second technique is the One-Time Password. Our experimental results indicate that our proposed techniques improve the network overall availability by offloading the controller as well as reducing the traffic in the network without noticeable negative impact on switches’ performance.

Funder

Edinburgh Napier University

Publisher

Springer Science and Business Media LLC

Subject

Computational Mathematics,Computational Theory and Mathematics,Computer Science Applications,Numerical Analysis,Theoretical Computer Science,Software

Link

https://link.springer.com/content/pdf/10.1007/s00607-020-00835-4.pdf

Reference29 articles.

1. von Tüllenburg F, Pfeiffenberger T (2017) Concepts for reliable communication in a software-defined network architecture. In: International conference on computer safety, reliability, and security. Springer, Cham

2. Nick McKeown et al (2008) OpenFlow: enabling innovation in campus networks. ACM SIGCOMM Comput Commun Rev 38(2):69–74. https://doi.org/10.1145/1355734.1355746

3. Bianchi Giuseppe et al (2014) OpenState: programming platform-independent stateful openflow applications inside the switch. ACM SIGCOMM Comput Commun Rev 44(2):44–51

4. Bosshart Pat et al (2014) P4: Programming protocol-independent packet processors. ACM SIGCOMM Comput Commun Rev 44(3):87–95. https://doi.org/10.1145/2656877.2656890

5. P416 Language specification. Last accessed 15 April 2019. 2019. URL: https://p4.org/p4-spec/docs/P4-16-v1.1.0-spec.pdf

Cited by 16 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. MTLSAuth: Secured Host Discovery and Authentication Technique in SDNs;2024 IEEE Wireless Communications and Networking Conference (WCNC);2024-04-21

2. Towards a software‐defined networking model for consumer‐centric content delivery network for IoT;Transactions on Emerging Telecommunications Technologies;2023-11-27

3. SDN Data Plane Egress Peer Authentication Using DH-CHAP;2023 IEEE Women in Technology Conference (WINTECHCON);2023-09-21

4. Efficient Scanning Activity Detection in IoT Networks Using Ensemble Learning;Proceedings of the 2023 Asia Conference on Artificial Intelligence, Machine Learning and Robotics;2023-09-15

5. A Blockchain-Assisted Authentication for SDN-IoT Network Using Smart Contract;2023 4th International Conference on Computing and Communication Systems (I3CS);2023-03-16