Security Policy Scheme for an Efficient Security Architecture in Software-Defined Networking

Woosik Lee; Namgi Kim

doi:10.3390/info8020065

Information (Jun 2017)

Security Policy Scheme for an Efficient Security Architecture in Software-Defined Networking

Woosik Lee,
Namgi Kim

Affiliations

Woosik Lee: Department of Computer Science, Kyonggi University, Suwon 16227, Korea
Namgi Kim: Department of Computer Science, Kyonggi University, Suwon 16227, Korea

DOI: https://doi.org/10.3390/info8020065
Journal volume & issue: Vol. 8, no. 2
p. 65

Abstract

Read online

In order to build an efficient security architecture, previous studies have attempted to understand complex system architectures and message flows to detect various attack packets. However, the existing hardware-based single security architecture cannot efficiently handle a complex system structure. To solve this problem, we propose a software-defined networking (SDN) policy-based scheme for an efficient security architecture. The proposed scheme considers four policy functions: separating, chaining, merging, and reordering. If SDN network functions virtualization (NFV) system managers use these policy functions to deploy a security architecture, they only submit some of the requirement documents to the SDN policy-based architecture. After that, the entire security network can be easily built. This paper presents information about the design of a new policy functions model, and it discusses the performance of this model using theoretical analysis.

Published in Information

ISSN: 2078-2489 (Online)
Publisher: MDPI AG
Country of publisher: Switzerland
LCC subjects: Technology: Technology (General): Industrial engineering. Management engineering: Information technology
Website: http://www.mdpi.com/journal/information/

About the journal

Abstract

Keywords