Attribute-Guard: Attribute-Based Flow Access Control Framework in Software-Defined Networking
Joint Authors
Chang, Chaowen
Zhu, Xianwei
Xi, Qin
Zuo, ZhiBin
Source
Security and Communication Networks
Issue
Vol. 2020, Issue 2020 (31 Dec. 2020), pp.1-18, 18 p.
Publisher
Hindawi Publishing Corporation
Publication Date
2020-01-10
Country of Publication
Egypt
No. of Pages
18
Main Subjects
Information Technology and Computer Science
Abstract EN
Software-defined networking (SDN) decouples the control plane from the data plane, offering flexible network configuration and management.
Because of this architecture, some security features are missing.
On the one hand, because the data plane only has the packet forwarding function, it is impossible to effectively authenticate the data validity.
On the other hand, OpenFlow can only match based on network characteristics, and it is impossible to achieve fine-grained access control.
In this paper, we aim to develop solutions to guarantee the validity of flow in SDN and present Attribute-Guard, a fine-grained access control and authentication scheme for flow in SDN.
We design an attribute-based flow authentication protocol to verify the legitimacy of the validity flow.
The attribute identifier is used as a matching field to define a forwarding control.
The flow matching based on the attribute identifier and the flow authentication protocol jointly implement fine-grained access control.
We conduct theoretical analysis and simulation-based evaluation of Attribute-Guard.
The results show that Attribute-Guard can efficiently identify and reject fake flow.
American Psychological Association (APA)
Zhu, Xianwei& Chang, Chaowen& Xi, Qin& Zuo, ZhiBin. 2020. Attribute-Guard: Attribute-Based Flow Access Control Framework in Software-Defined Networking. Security and Communication Networks،Vol. 2020, no. 2020, pp.1-18.
https://search.emarefa.net/detail/BIM-1208470
Modern Language Association (MLA)
Zhu, Xianwei…[et al.]. Attribute-Guard: Attribute-Based Flow Access Control Framework in Software-Defined Networking. Security and Communication Networks No. 2020 (2020), pp.1-18.
https://search.emarefa.net/detail/BIM-1208470
American Medical Association (AMA)
Zhu, Xianwei& Chang, Chaowen& Xi, Qin& Zuo, ZhiBin. Attribute-Guard: Attribute-Based Flow Access Control Framework in Software-Defined Networking. Security and Communication Networks. 2020. Vol. 2020, no. 2020, pp.1-18.
https://search.emarefa.net/detail/BIM-1208470
Data Type
Journal Articles
Language
English
Notes
Includes bibliographical references
Record ID
BIM-1208470