Amar Almaini
Lightweight edge authentication for software defined networks
Almaini, Amar; Al-Dubai, Ahmed; Romdhani, Imed; Schramm, Martin; Alsarhan, Ayoub
Authors
Prof Ahmed Al-Dubai A.Al-Dubai@napier.ac.uk
Professor
Dr Imed Romdhani I.Romdhani@napier.ac.uk
Associate Professor
Martin Schramm
Ayoub Alsarhan
Abstract
OpenFlow is considered as the most known protocol for Software Defined Networking (SDN). The main drawback of OpenFlow is the lack of support of new header definitions, which is required by network operators to apply new packet encapsulations. While SDN’s logically centralized control plane could enhance network security by providing global visibility of the network state, it still has many side effects. The intelligent controllers that orchestrate the dumb switches are overloaded and become prone to failure. Delegating some level of control logic to the edge or, to be precise, the switches can offload the controllers from local state based decisions that do not require global network wide knowledge. Thus, this paper, to the best of our knowledge, is the first to propose the delegation of typical security functions from specialized middleboxes to the data plane. We leverage the opportunities offered by programming protocol-independent packet processors (P4) language to present two authentication techniques to assure that only legitimate nodes are able to access the network. The first technique is the port knocking and the second technique is the One-Time Password. Our experimental results indicate that our proposed techniques improve the network overall availability by offloading the controller as well as reducing the traffic in the network without noticeable negative impact on switches’ performance.
Citation
Almaini, A., Al-Dubai, A., Romdhani, I., Schramm, M., & Alsarhan, A. (2021). Lightweight edge authentication for software defined networks. Computing, 103, https://doi.org/10.1007/s00607-020-00835-4
| Journal Article Type | Article |
|---|---|
| Acceptance Date | Jul 10, 2020 |
| Online Publication Date | Aug 8, 2020 |
| Publication Date | 2021-02 |
| Deposit Date | Aug 18, 2020 |
| Publicly Available Date | Aug 18, 2020 |
| Journal | Computing |
| Print ISSN | 0010-485X |
| Electronic ISSN | 1436-5057 |
| Publisher | BMC |
| Peer Reviewed | Peer Reviewed |
| Volume | 103 |
| DOI | https://doi.org/10.1007/s00607-020-00835-4 |
| Keywords | Software-defined networking (SDN), Data plane programmability, Port scan, Security, P4 |
| Public URL | http://researchrepository.napier.ac.uk/Output/2676330 |
Files
Lightweight Edge Authentication For Software Defined Networks
(2.2 Mb)
PDF
Publisher Licence URL
http://creativecommons.org/licenses/by/4.0/
Copyright Statement
This article is licensed under a Creative Commons Attribution 4.0 International License.
You might also like
Password Pattern and Vulnerability Analysis for Web and Mobile Applications
(2016)
Journal Article
Architecting the Internet of Things: State of the Art
(2015)
Book Chapter
A Loosely-coupled Semantic Model for Efficient Cloud Service Search and Retrieval.
(2015)
Presentation / Conference Contribution
Downloadable Citations
About Edinburgh Napier Research Repository
Administrator e-mail: repository@napier.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2024
Advanced Search