Enabling secure mobility with OpenFlow

Suneth Namal; Ijaz Ahmad; Andrei Gurtov; Mika Ylianttila

doi:10.1109/SDN4FNS.2013.6702540

Enabling secure mobility with OpenFlow

Suneth Namal, Ijaz Ahmad, Andrei Gurtov, Mika Ylianttila

Aalto-yliopisto

University of Oulu

Tutkimustuotos: Artikkeli kirjassa/konferenssijulkaisussa › Conference article in proceedings › Scientific › vertaisarvioitu

30 Sitaatiot (Scopus)

Abstrakti

Software Defined Networking (SDN) and its one possible realization, OpenFlow, define the trends of future networks. However, the present OpenFlow architecture does not allow the switches to be mobile e.g., in a moving train as it would disrupt flow processing from network switches. We present OFHIP, an architecture that enables OpenFlow switches to change their IP addresses securely during mobility. OFHIP employs IPSec encapsulated security payload (ESP) in transport mode for protection against DoS, data origin authenticity, connectionless integrity, anti-replay protection, and limited traffic flow confidentiality. We demonstrate the benefits of OFHIP compared to present use of SSL in enabling mobility, reducing the connection latency and improving the resilience to known TCP-level attacks.

Alkuperäiskieli	Englanti
Otsikko	SDN4FNS 2013 - 2013 Workshop on Software Defined Networks for Future Networks and Services
Kustantaja	IEEE
ISBN (painettu)	9781479927814
DOI - pysyväislinkit	https://doi.org/10.1109/SDN4FNS.2013.6702540
Tila	Julkaistu - 2013
OKM-julkaisutyyppi	A4 Artikkeli konferenssijulkaisussa
Tapahtuma	IEEE Software Defined Networks for Future Networks and Services - Trento, Italia Kesto: 11 marrask. 2013 → 13 marrask. 2013

Workshop

Workshop	IEEE Software Defined Networks for Future Networks and Services
Lyhennettä	SDN4FNS
Maa/Alue	Italia
Kaupunki	Trento
Ajanjakso	11/11/2013 → 13/11/2013

Pääsy asiakirjaan

10.1109/SDN4FNS.2013.6702540

Muut tiedostot ja linkit

Link to publication in Scopus

Siteeraa tätä

@inproceedings{4a48eb416366477cb548d2b9d09fc5fc,

title = "Enabling secure mobility with OpenFlow",

abstract = "Software Defined Networking (SDN) and its one possible realization, OpenFlow, define the trends of future networks. However, the present OpenFlow architecture does not allow the switches to be mobile e.g., in a moving train as it would disrupt flow processing from network switches. We present OFHIP, an architecture that enables OpenFlow switches to change their IP addresses securely during mobility. OFHIP employs IPSec encapsulated security payload (ESP) in transport mode for protection against DoS, data origin authenticity, connectionless integrity, anti-replay protection, and limited traffic flow confidentiality. We demonstrate the benefits of OFHIP compared to present use of SSL in enabling mobility, reducing the connection latency and improving the resilience to known TCP-level attacks.",

author = "Suneth Namal and Ijaz Ahmad and Andrei Gurtov and Mika Ylianttila",

year = "2013",

doi = "10.1109/SDN4FNS.2013.6702540",

language = "English",

isbn = "9781479927814",

booktitle = "SDN4FNS 2013 - 2013 Workshop on Software Defined Networks for Future Networks and Services",

publisher = "IEEE",

address = "United States",

note = "IEEE Software Defined Networks for Future Networks and Services, SDN4FNS ; Conference date: 11-11-2013 Through 13-11-2013",

}

TY - GEN

T1 - Enabling secure mobility with OpenFlow

AU - Namal, Suneth

AU - Ahmad, Ijaz

AU - Gurtov, Andrei

AU - Ylianttila, Mika

PY - 2013

Y1 - 2013

N2 - Software Defined Networking (SDN) and its one possible realization, OpenFlow, define the trends of future networks. However, the present OpenFlow architecture does not allow the switches to be mobile e.g., in a moving train as it would disrupt flow processing from network switches. We present OFHIP, an architecture that enables OpenFlow switches to change their IP addresses securely during mobility. OFHIP employs IPSec encapsulated security payload (ESP) in transport mode for protection against DoS, data origin authenticity, connectionless integrity, anti-replay protection, and limited traffic flow confidentiality. We demonstrate the benefits of OFHIP compared to present use of SSL in enabling mobility, reducing the connection latency and improving the resilience to known TCP-level attacks.

AB - Software Defined Networking (SDN) and its one possible realization, OpenFlow, define the trends of future networks. However, the present OpenFlow architecture does not allow the switches to be mobile e.g., in a moving train as it would disrupt flow processing from network switches. We present OFHIP, an architecture that enables OpenFlow switches to change their IP addresses securely during mobility. OFHIP employs IPSec encapsulated security payload (ESP) in transport mode for protection against DoS, data origin authenticity, connectionless integrity, anti-replay protection, and limited traffic flow confidentiality. We demonstrate the benefits of OFHIP compared to present use of SSL in enabling mobility, reducing the connection latency and improving the resilience to known TCP-level attacks.

UR - http://www.scopus.com/inward/record.url?scp=84893589427&partnerID=8YFLogxK

U2 - 10.1109/SDN4FNS.2013.6702540

DO - 10.1109/SDN4FNS.2013.6702540

M3 - Conference article in proceedings

AN - SCOPUS:84893589427

SN - 9781479927814

BT - SDN4FNS 2013 - 2013 Workshop on Software Defined Networks for Future Networks and Services

PB - IEEE

T2 - IEEE Software Defined Networks for Future Networks and Services

Y2 - 11 November 2013 through 13 November 2013

ER -

Enabling secure mobility with OpenFlow

Abstrakti

Workshop

Pääsy asiakirjaan

Muut tiedostot ja linkit

Sormenjälki

Siteeraa tätä