Enhancing IoT security through network softwarization and virtual security appliances

Alejandro Molina Zarca, Jorge Bernal Bernabe*, Ivan Farris, Yacine Khettab, Tarik Taleb, Antonio Skarmeta

*Corresponding author for this work

Research output: Contribution to journalArticleScientificpeer-review

17 Citations (Scopus)

Abstract

Billions of Internet of Things (IoT) devices are expected to populate our environments and provide novel pervasive services by interconnecting the physical and digital world. However, the increased connectivity of everyday objects can open manifold security vectors for cybercriminals to perform malicious attacks. These threats are even augmented by the resource constraints and heterogeneity of low-cost IoT devices, which make current host-based and static perimeter-oriented defense mechanisms unsuitable for dynamic IoT environments. Accounting for all these considerations, we reckon that the novel softwarization capabilities of Telco network can fully leverage its privileged position to provide the desired levels of security. To this aim, the emerging software-defined networking (SDN) and network function virtualization (NFV) paradigms can introduce new security enablers able to increase the level of IoT systems protection. In this paper, we design a novel policy-based framework aiming to exploit SDN/NFV-based security features, by efficiently coupling with existing IoT security approaches. A proof of concept test bed has been developed to assess the feasibility of the proposed architecture. The presented performance evaluation illustrates the benefits of adopting SDN security mechanisms in integrated IoT environments and provides interesting insights in the policy enforcement process to drive future research.

Original languageEnglish
Article numbere2038
JournalInternational Journal of Network Management
Volume28
Issue number5
DOIs
Publication statusPublished - Sep 2018
MoE publication typeA1 Journal article-refereed

Fingerprint Dive into the research topics of 'Enhancing IoT security through network softwarization and virtual security appliances'. Together they form a unique fingerprint.

Cite this