Title
AuthFlow: authentication and access control mechanism for software defined networking.
Abstract
Software-defined networking (SDN) is being widely adopted by enterprise networks, whereas providing security features in these next generation networks is a challenge. In this article, we present the main security threats in software-defined networking and we propose AuthFlow, an authentication and access control mechanism based on host credentials. The main contributions of our proposal are threefold: (i) a host authentication mechanism just above the MAC layer in an OpenFlow network, which guarantees a low overhead and ensures a fine-grained access control; (ii) a credential-based authentication to perform an access control according to the privilege level of each host, through mapping the host credentials to the set of flows that belongs to the host; (iii) a new framework for control applications, enabling software-defined network controllers to use the host identity as a new flow field to define forwarding rules. A prototype of the proposed mechanism was implemented on top of POX controller. The results show that AuthFlow denies the access of hosts either without valid credentials or with revoked authorization. Finally, we show that our scheme allows, for each host, different levels of access to network resources according to its credential.
Year
2016
DOI
10.1007/s12243-016-0505-z
Venue
Annales des Télécommunications
Keywords
Access control, Authentication, Software-defined networking
Field
Computer access control, Authentication, Computer security, Computer science, Computer network, OpenFlow, Access control, Network Admission Control, Network Access Control, Software-defined networking, Multi-factor authentication
DocType
Journal
Volume
71
Issue
11-12
ISSN
1958-9395
Citations
7
PageRank
0.50
References
10
Authors
2
Name
Order
Citations
PageRank
Diogo M. F. Mattos19715.13
Otto Carlos Muniz Bandeira Duarte268655.46