Name
Abstract | ||
|---|---|---|
This paper presents FlowNAC, a Flow-based Network Access Control solution that allows to grant users the rights to access the network depending on the target service requested. Each service, defined univocally as a set of flows, can be independently requested and multiple services can be authorized simultaneously. Building this proposal over SDN principles has several benefits: SDN adds the appropriate granularity (fine-or coarse-grained) depending on the target scenario and flexibility to dynamically identify the services at data plane as a set of flows to enforce the adequate policy. FlowNAC uses a modified version of IEEE 802.1X (novel EAPoL-in-EAPoL encapsulation) to authenticate the users (without the need of a captive portal) and service level access control based on proactive deployment of flows (instead of reactive). Explicit service request avoids misidentifying the target service, as it could happen by analyzing the traffic (e.g. private services). The proposal is evaluated in a challenging scenario (concurrent authentication and authorization processes) with promising results. |
Year | DOI | Venue |
|---|---|---|
2014 | 10.1109/EWSDN.2014.39 | Software Defined Networks |
Keywords | Field | DocType |
software defined networking, security, network access control,network access control,security,software defined networking | Service set,Computer access control,Service level,Network security,Computer network,Network access point,Access control,Network Admission Control,Network Access Control,Business | Conference |
Citations | PageRank | References |
21 | 1.32 | 5 |
Authors | ||
5 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| Jon Matias | 1 | 149 | 13.53 |
| Jokin Garay | 2 | 80 | 5.92 |
| Alaitz Mendiola | 3 | 73 | 8.06 |
| Nerea Toledo | 4 | 153 | 14.01 |
| Eduardo Jacob | 5 | 293 | 31.95 |