Abstract
Software-Defined Networking (SDN) decouples the traditional network system into a data plane, control plane and application plane, making the network as flexible and convenient as software, and improving the innovation capability of the network. However, SDN networks lack effective access control methods for terminal access, making it challenging to perform fine-grained access control and management when terminals access SDN networks, increasing the risk of being attacked. In this paper, we design an SDN-based network architecture to provide secure terminal access, which includes an SDN network control layer, data forwarding layer and terminal layer. Based on Programming Protocol-independent Packet Processors (P4) and blockchain, the access control of the terminal in the SDN network is implemented to ensure SDN network security and service quality. Experimental results show that the proposed method achieves fine-grained secure authentication of terminals in SDN networks.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Sun, S., Kadoch, M., Gong, L., Rong, B.: Integrating network function virtualization with SDR and SDN for 4G/5G networks. IEEE Netw. 29(3), 54–59 (2015)
Hu, Z., Wang, M., Yan, X., Yin, Y., Luo, Z.: A comprehensive security architecture for SDN. In: 18th International Conference on Intelligence in Next Generation Networks, Paris, France, pp. 30–37 (2015)
Kim, H., Feamster, N.: Improving network management with software defined networking. IEEE Commun. Mag. 51(2), 114–119 (2013)
Jiang, B., He, Q., Li, X., Huang, H.: QoS control method based on SDN for mobile cloud service. In: 2020 IEEE 13th International Conference on Cloud Computing (CLOUD), Beijing, China, pp. 275–283 (2020)
Cox, J., et al.: Advancing software-defined networks: a survey. IEEE Access 5, 25487–25526 (2017)
Chica, J., Imbachi, J., Vega, J.: Security in SDN: a comprehensive survey. J. Netw. Comput. Appl. 159, 102595 (2020)
Porras, P.A., Cheung, S., Fong, M.W., Skinner, K., Yegneswaran, V.: Securing the software defined network control layer. In: Proceedings of the Network and Distributed System Security Symposium (NDSS) (2015)
Duy, P., Do, H., Nguyen, A., Pham, V.: B-DAC: a decentralized access control framework on northbound interface for securing SDN using blockchain. J. Inf. Secur. Appl. 64, 103080 (2022)
Zou, D., Lu, Y., Yuan, B., Chen, H., Jin, H.: A fine-grained multi-tenant permission management framework for SDN and NFV. IEEE Access 6, 25562–25572 (2018)
Kammoun, N., Abassi, R., Guemara El Fatmi, S., Mosbah, M.: A new SDN architecture based on trust management and access control for IoT. In: Barolli, L., Amato, F., Moscato, F., Enokido, T., Takizawa, M. (eds.) WAINA 2020. AISC, vol. 1150, pp. 245–254. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-44038-1_23
Weng, J.-S., Weng, J., Zhang, Y., Luo, W., Lan, W.: BENBI: scalable and dynamic access control on the northbound interface of SDN-based VANET. IEEE Trans. Veh. Technol. 68(1), 822–831 (2019)
Awasthi, C., Sehgal, I., Pal, P., Mishra, P.: Software-defined network (SDN) for cloud-based Internet of Things. In: Al-Turjman, F., Yadav, S.P., Kumar, M., Yadav, V., Stephan, T. (eds.) Transforming Management with AI, Big-Data, and IoT, pp. 185–213. Springer, Cham (2022). https://doi.org/10.1007/978-3-030-86749-2_11
Matias, J., Garay, J., Mendiola, A., Toledo, N., Jacob, E.: FlowNAC: flow-based network access control. In: Proceedings of the 3th European Workshop on Software Defined Networks, Budapest, Hungary, pp. 79–84 (2014)
del Rey, M.: Internet Protocol - DARPA Internet Program Protocol Specification. Information Sciences Institute University of Southern California (1981)
Acknowledgments
This work was supported in part by the National Natural Science Foundation of China under Grant 62162018 and Grant 61861013, in part by the Innovation Research Team Project of Guangxi Natural Science Foundation 2019GXNSFGA245004, in part by the Innovation Project of Guangxi Graduate Education YCSW2022296.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Jiang, B., He, Q., Pan, Q., He, M. (2023). Blockchain-Based Terminal Access Control in Software Defined Network. In: You, I., Kim, H., Angin, P. (eds) Mobile Internet Security. MobiSec 2022. Communications in Computer and Information Science, vol 1644. Springer, Singapore. https://doi.org/10.1007/978-981-99-4430-9_20
Download citation
DOI: https://doi.org/10.1007/978-981-99-4430-9_20
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-99-4429-3
Online ISBN: 978-981-99-4430-9
eBook Packages: Computer ScienceComputer Science (R0)