Abstract
In a distributed mobile Software Defined Mobile Network (SDMN), a device is in a continuous movement from one domain to another. Since a different controller is responsible for each domain, the devices’ authentication information needs to be communicated between the SDN controllers (this type of communication is called East-West communication) to ensure the continuity access to the used devices services. This paper proposes a new secure East-West communication to approve service access continuity for mobile devices in a Distributed SDN. A comparative study between the VPN based approach and the proposed one is done both analytically and by simulation according to two criteria: the approval access authentication delay and the communication overhead. The results show that the proposed approach provides a secure East-West communication using less communication overhead and decreases the approval access authentication delay of mobile devices in an SDN.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Aissaoui, H., Urien, P., Pujolle, G.: Low latency of re-authentication during handover: Re-authentication using a signed token in heterogeneous wireless access networks. In: 2013 International Conference on Wireless Information Networks and Systems (WINSYS), pp. 1–7. IEEE (2013)
Anand, D., Khemchandani, V., Sharma, R.K.: Identity-based cryptography techniques and applications (a review). In: 2013 5th International Conference and Computational Intelligence and Communication Networks, pp. 343–348. IEEE (2013)
Chen, M., Qian, Y., Mao, S., Tang, W., Yang, X.: Software-defined mobile networks security. Mob. Netw. Appl. 21(5), 729–743 (2016)
El Kamel, A., Youssef, H.: Improving switch-to-controller assignment with load balancing in multi-controller software defined wan (sd-wan). J. Netw. Syst. Manag. 28(3), 553–575 (2020)
Foundation, O.N.: Software-defined networking (sdn) definition. https://opennetworking.org/sdn-definition/
Ghose, S., Kumar, R., Banerjee, N., Datta, R.: Multihop virtual topology design in WDM optical networks for self-similar traffic. Photonic Netw. Commun. 10(2), 199–214 (2005)
Hendaoui, F., Eltaief, H., Youssef, H.: A collaborative key management scheme for distributed smart objects. Trans. Emerg. Telecommun. Technol. 29(6), e3198 (2018)
Hettiarachchi, S.: Securing east-west communication in clustered multi-sdn controller network (2018)
Hu, T., Guo, Z., Yi, P., Baker, T., Lan, J.: Multi-controller based software-defined networking: a survey. IEEE Access 6, 15980–15996 (2018)
Kaufman, C., Hoffman, P., Nir, Y., Eronen, P., Kivinen, T.: Internet key exchange protocol version 2 (ikev2). Technical report, RFC 5996 (2010)
Kent, S., Atkinson, R.: Ip encapsulating security payload (esp): Rfc 4303 (proposed standard) (2005)
Kent, S., Header, I.A.: Rfc 4302. IETF (2005)
Lam, J.H., Lee, S.G., Lee, H.J., Oktian, Y.E.: Securing distributed SDN with IBC. In: 2015 Seventh International Conference on Ubiquitous and Future Networks, pp. 921–925. IEEE (2015)
Langley, A., Hamburg, M., Turner, S.: Elliptic Curves for Security. RFC 7748 (2016). https://doi.org/10.17487/RFC7748, https://rfc-editor.org/rfc/rfc7748.txt
Maughan, D., Schertler, M., Schneider, M., Turner, J.: Internet security association and key management protocol (ISAKMP) (1998)
Moy, J.: Rfc2328: Ospf version 2 (1998)
Orman, H.: The oakley key determination protocol rfc 2412. IETF, Freemont, CA (1998)
Qin, H., Wang, N.: A data-origin authentication protocol based on ONOS cluster. In: MATEC Web of Conferences. vol. 56, p. 01006. EDP Sciences (2016)
Rescorla, E., Dierks, T.: The transport layer security (TLS) protocol version 1.3 (2018)
Sarmiento, D.E., Lebre, A., Nussbaum, L., Chari, A.: Decentralized SDN control plane for a distributed cloud-edge infrastructure: a survey. IEEE Commun. Surv. Tutor. 23, 256281 (2021)
Shamir, A.: Identity-based cryptosystems and signature schemes. In: Blakley, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985). https://doi.org/10.1007/3-540-39568-7_5
Tomovic, S., Radonjic, M., Radusinovic, I.: Bandwidth-delay constrained routing algorithms for backbone SDN networks. In: 2015 12th International Conference on Telecommunication in Modern Satellite, Cable and Broadcasting Services (TELSIKS), pp. 227–230 (2015). https://doi.org/10.1109/TELSKS.2015.7357775
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Moatemri, M., Eltaief, H., Kamel, A.E., Youssef, H. (2022). Secure East-West Communication to Approve Service Access Continuity for Mobile Devices in a Distributed SDN. In: Gervasi, O., Murgante, B., Hendrix, E.M.T., Taniar, D., Apduhan, B.O. (eds) Computational Science and Its Applications – ICCSA 2022. ICCSA 2022. Lecture Notes in Computer Science, vol 13375. Springer, Cham. https://doi.org/10.1007/978-3-031-10522-7_20
Download citation
DOI: https://doi.org/10.1007/978-3-031-10522-7_20
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-10521-0
Online ISBN: 978-3-031-10522-7
eBook Packages: Computer ScienceComputer Science (R0)