软件定义网络的安全策略转换框架

2016 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN) Pub Date : 1900-01-01 DOI:10.1109/NFV-SDN.2016.7919476

Jacob H. Cox, R. Clark, H. Owen

{"title":"软件定义网络的安全策略转换框架","authors":"Jacob H. Cox, R. Clark, H. Owen","doi":"10.1109/NFV-SDN.2016.7919476","DOIUrl":null,"url":null,"abstract":"Controllers for software defined networks (SDNs) are quickly maturing to offer network operators more intuitive programming frameworks and greater abstractions for network application development. Likewise, many security solutions now exist within SDN environments for detecting and blocking clients who violate network policies. However, many of these solutions stop at triggering the security measure and give little thought to amending it. As a consequence, once the violation is addressed, no clear path exists for reinstating the flagged client beyond having the network operator reset the controller or manually implement a state change via an external command. This presents a burden for the network and its clients and administrators. Hence, we present a security policy transition framework for revoking security measures in an SDN environment once said measures are activated.","PeriodicalId":448203,"journal":{"name":"2016 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN)","volume":"4 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":"{\"title\":\"Security policy transition framework for Software Defined networks\",\"authors\":\"Jacob H. Cox, R. Clark, H. Owen\",\"doi\":\"10.1109/NFV-SDN.2016.7919476\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Controllers for software defined networks (SDNs) are quickly maturing to offer network operators more intuitive programming frameworks and greater abstractions for network application development. Likewise, many security solutions now exist within SDN environments for detecting and blocking clients who violate network policies. However, many of these solutions stop at triggering the security measure and give little thought to amending it. As a consequence, once the violation is addressed, no clear path exists for reinstating the flagged client beyond having the network operator reset the controller or manually implement a state change via an external command. This presents a burden for the network and its clients and administrators. Hence, we present a security policy transition framework for revoking security measures in an SDN environment once said measures are activated.\",\"PeriodicalId\":448203,\"journal\":{\"name\":\"2016 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN)\",\"volume\":\"4 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1900-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"7\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2016 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/NFV-SDN.2016.7919476\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/NFV-SDN.2016.7919476","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 7

摘要

软件定义网络(sdn)的控制器正在迅速成熟，为网络运营商提供更直观的编程框架和更抽象的网络应用程序开发。同样，现在在SDN环境中存在许多用于检测和阻止违反网络策略的客户机的安全解决方案。然而，这些解决方案中的许多都止步于触发安全措施，很少考虑对其进行修改。因此，一旦违规行为得到解决，除了让网络运营商重置控制器或通过外部命令手动执行状态更改之外，没有明确的路径可以恢复被标记的客户端。这给网络及其客户端和管理员带来了负担。因此，我们提出了一个安全策略转换框架，一旦所述措施被激活，就可以在SDN环境中撤销安全措施。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Security policy transition framework for Software Defined networks

Controllers for software defined networks (SDNs) are quickly maturing to offer network operators more intuitive programming frameworks and greater abstractions for network application development. Likewise, many security solutions now exist within SDN environments for detecting and blocking clients who violate network policies. However, many of these solutions stop at triggering the security measure and give little thought to amending it. As a consequence, once the violation is addressed, no clear path exists for reinstating the flagged client beyond having the network operator reset the controller or manually implement a state change via an external command. This presents a burden for the network and its clients and administrators. Hence, we present a security policy transition framework for revoking security measures in an SDN environment once said measures are activated.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2016 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN)

自引率

0.00%

发文量