Abstract
Software Defined Networking (SDN) is a new type of network architecture, which provides an important way to implement automated network deployment and flexible management. However, security problems in SDN are also inevitable in industrial networks. In the research area of SDN security and traditional network security, feasibility and influence of defense in depth in industrial networks should thus be explored. In this paper, a security classification transmission method based on SDN in industrial networks is proposed, which provides a better security level of transmission paths. In the proposed method, the security classification transmission system is first presented. By designing five service mechanisms, including request, strategy generation, distribution/maintenance, updating/loading and execution, the security classification transmission service model is defined. In an experimental study, the proposed method is shown to be feasible in industrial heterogeneous networks and provide better security paths without affecting availability in the multi-domain and multi-nodes case of industrial networks.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Singh, S., Jha, R.K.: A survey on software defined networking: architecture for next generation network. J. Netw. Syst. Manag. 25, 1–54 (2017)
Scott-Hayward, S., O’Callaghan, G., Sezer, S.: SDN Security: A Survey Future Networks and Services, pp. 1–7. IEEE, Trento (2013)
Adami, D., Giordano, S., D’Amore, G., et al.: A new SDN traffic control application for security routing in critical infrastructures. In: The 13th International Joint Conference on e-Business and Telecommunications, pp. 129–138. SCITEPRESS-Science and Technology Publications, Lda (2016)
Shin, S., Wang, H., Gu, G.: A first step toward network security virtualization: from concept to prototype. IEEE Trans. Inf. Forensics Secur. 10(10), 2236–2249 (2015)
Wang, M., Liu, J., Chen, J., et al.: Perm-guard: authenticating the validity of flow rules in software defined networking. J. Signal Process. Syst. 86(2–3), 1–17 (2016)
Binkui, L., Lei, Z., et al.: Security routing strategy based on switch level division in SDN. Appl. Res. Comput. 34(2), 522–525 (2017)
Henneke, D., Wisniewski, L., Jasperneite, J.: Analysis of realizing a future industrial network by means of Software-Defined Networking (SDN). In: IEEE World Conference on Factory Communication Systems, pp. 1–4. IEEE, Aveiro (2016)
Hussein, A., Elhajj, I.H., Chehab, A., Kayssi, A.: SDN security plane: an architecture for resilient security services. In: IEEE International Conference on Cloud Engineering Workshop, pp. 54–59. IEEE, Berlin (2016)
Yahya, W., Basuki, A., Jiang, J.R.: The extended dijkstra’s-based load balancing for openflow network. Int. J. Electr. Comput. Eng. 5(2), 289–296 (2015)
Singh, V.K., Nimisha, I.K.T.: Applications of maximal network flow problems in transportation and assignment problems. J. Math. Res. 2(1) (2010)
Mininet tools. http://mininet.org/. Accessed 11 Feb 2018
Project Floodlight. http://www.projectfloodlight.org/. Accessed 11 Feb 2018
Ming, W., Wenli, S., Peng, Z., et al.: Modbus/TCP communication access control method based on function code depth detection. Inf. Control 45(2), 248–256 (2016)
Rotsos, C., Sarrar, N., Uhlig, S., Sherwood, R., Moore, Andrew W.: OFLOPS: an open framework for openflow switch evaluation. In: Taft, N., Ricciato, F. (eds.) PAM 2012. LNCS, vol. 7192, pp. 85–95. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-28537-0_9
Gelberger, A., Yemini, N., Ran, G.: Performance analysis of software-defined networking (SDN). In: IEEE International Symposium on Modelling, Analysis & Simulation of Computer and Telecommunication Systems, pp. 389–393. IEEE Computer Society, San Francisco (2013)
Acknowledgments
This work is supported by State Grid Science and Technology Project (Grant No. 52110118001H), the National Natural Science Foundation of China (Grant No. 61501447), the National Natural Science Foundation of China (Grant No. 61773368). The authors are grateful to the anonymous referees for their insightful comments and suggestions.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Zhao, J., Shang, W., Liu, Z., Wang, Z. (2018). Security Classification Transmission Method Based on SDN in Industrial Networks. In: Sun, X., Pan, Z., Bertino, E. (eds) Cloud Computing and Security. ICCCS 2018. Lecture Notes in Computer Science(), vol 11068. Springer, Cham. https://doi.org/10.1007/978-3-030-00021-9_3
Download citation
DOI: https://doi.org/10.1007/978-3-030-00021-9_3
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-00020-2
Online ISBN: 978-3-030-00021-9
eBook Packages: Computer ScienceComputer Science (R0)