Semantic Security Methods for Software-Defined Networks
Software-defined networking is a promising technology for constructing communication networks where the network management is the software that configures network devices. This contrasts with the traditional point of view where the network behaviour is updated by manual configuration uploading to de...
Saved in:
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Yaroslavl State University
2017-12-01
|
| Series: | Моделирование и анализ информационных систем |
| Subjects: | |
| Online Access: | https://www.mais-journal.ru/jour/article/view/612 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1849240993013956608 |
|---|---|
| author | Ekaterina Ju. Antoshina Dmitry Ju. Chalyy |
| author_facet | Ekaterina Ju. Antoshina Dmitry Ju. Chalyy |
| author_sort | Ekaterina Ju. Antoshina |
| collection | DOAJ |
| description | Software-defined networking is a promising technology for constructing communication networks where the network management is the software that configures network devices. This contrasts with the traditional point of view where the network behaviour is updated by manual configuration uploading to devices under control. The software controller allows dynamic routing configuration inside the net depending on the quality of service. However, there must be a proof that ensures that every network flow is secure, for example, we can define security policy as follows: confidential nodes can not send data to the public segment of the network. The paper shows how this problem can be solved by using a semantic security model. We propose a method that allows us to construct semantics that captures necessary security properties the network must follow. This involves the specification that states allowed and forbidden network flows. The specification is then modeled as a decision tree that may be reduced. We use the decision tree for semantic construction that captures security requirements. The semantic can be implemented as a module of the controller software so the correctness of the control plane of the network can be ensured on-the-fly. |
| format | Article |
| id | doaj-art-dc248884b8d24b0ca0782616ec66d55c |
| institution | Kabale University |
| issn | 1818-1015 2313-5417 |
| language | English |
| publishDate | 2017-12-01 |
| publisher | Yaroslavl State University |
| record_format | Article |
| series | Моделирование и анализ информационных систем |
| spelling | doaj-art-dc248884b8d24b0ca0782616ec66d55c2025-08-20T04:00:19ZengYaroslavl State UniversityМоделирование и анализ информационных систем1818-10152313-54172017-12-0124675575910.18255/1818-1015-2017-6-755-759446Semantic Security Methods for Software-Defined NetworksEkaterina Ju. Antoshina0Dmitry Ju. Chalyy1P.G. Demidov Yaroslavl State UniversityP.G. Demidov Yaroslavl State UniversitySoftware-defined networking is a promising technology for constructing communication networks where the network management is the software that configures network devices. This contrasts with the traditional point of view where the network behaviour is updated by manual configuration uploading to devices under control. The software controller allows dynamic routing configuration inside the net depending on the quality of service. However, there must be a proof that ensures that every network flow is secure, for example, we can define security policy as follows: confidential nodes can not send data to the public segment of the network. The paper shows how this problem can be solved by using a semantic security model. We propose a method that allows us to construct semantics that captures necessary security properties the network must follow. This involves the specification that states allowed and forbidden network flows. The specification is then modeled as a decision tree that may be reduced. We use the decision tree for semantic construction that captures security requirements. The semantic can be implemented as a module of the controller software so the correctness of the control plane of the network can be ensured on-the-fly.https://www.mais-journal.ru/jour/article/view/612securitysemanticssoftware-defined networks |
| spellingShingle | Ekaterina Ju. Antoshina Dmitry Ju. Chalyy Semantic Security Methods for Software-Defined Networks Моделирование и анализ информационных систем security semantics software-defined networks |
| title | Semantic Security Methods for Software-Defined Networks |
| title_full | Semantic Security Methods for Software-Defined Networks |
| title_fullStr | Semantic Security Methods for Software-Defined Networks |
| title_full_unstemmed | Semantic Security Methods for Software-Defined Networks |
| title_short | Semantic Security Methods for Software-Defined Networks |
| title_sort | semantic security methods for software defined networks |
| topic | security semantics software-defined networks |
| url | https://www.mais-journal.ru/jour/article/view/612 |
| work_keys_str_mv | AT ekaterinajuantoshina semanticsecuritymethodsforsoftwaredefinednetworks AT dmitryjuchalyy semanticsecuritymethodsforsoftwaredefinednetworks |