Secure Communication over Software-Defined Networks

Mobile Networks and Applications

Abstract

We report on work in progress towards a practical implementation of a software-defined overlay network that provides data delivery services at a freely definable and provably optimized quality of service. Our example implementation establishes transparent secure transmission, where security is in terms of confidentiality, authenticity and availability. Using general techniques from game theory, we show how to simultaneously optimize several performance indicators of a transmission service, taking care of interdependencies and using security as a showcase application.

Notes

  1. We deviate from the standard setting in enterprise security, where integrity replaces authenticity. However, since authenticity usually implies integrity on a cryptographic level, we can reasonably go with our modified “definition” here.

  2. Here, we neglect issues of IT administration to properly set up and run the underlying system, which may be far from a trivial task.

  3. Actually, we used a rather simplified version of perfectly secure MPT, which splits a message m into a set of random strings so that their XOR recreates m. Although much better practical protocols exist, in the case of two-path transmissions our scheme is isomorphic to a one-time pad and thus unbreakable. This security is, however, bought at a higher risk of communication failure if one or more packets get lost. Thus, the two goals “confidentiality” and “availability” are somewhat conflicting.
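The XOR splitting described in note 3 can be sketched as follows. This is an added example, not code from the paper or its authors: the function names are hypothetical, and `delivery_probability` assumes each path loses its packet independently with the same probability.

```python
import secrets
from functools import reduce


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def split(message: bytes, n_paths: int) -> list:
    """Split message into n_paths shares whose XOR recreates it."""
    if n_paths < 2:
        raise ValueError("need at least two paths")
    # n-1 shares are uniformly random; the last one fixes the XOR to message.
    shares = [secrets.token_bytes(len(message)) for _ in range(n_paths - 1)]
    shares.append(reduce(xor_bytes, shares, message))
    return shares


def reconstruct(received: list, n_paths: int):
    """Return the message, or None if any share was lost (None entry)."""
    arrived = [s for s in received if s is not None]
    if len(arrived) != n_paths:
        return None  # one lost packet makes the whole message unrecoverable
    return reduce(xor_bytes, arrived)


def explaining_share(observed: bytes, candidate: bytes) -> bytes:
    """Two-path case: the second share that would make `observed` decode
    to `candidate`. One exists for every candidate of the same length,
    so a single observed share rules out no message (one-time pad)."""
    return xor_bytes(observed, candidate)


def delivery_probability(p_loss: float, n_paths: int) -> float:
    """Chance that all shares arrive, assuming independent path losses."""
    return (1.0 - p_loss) ** n_paths


if __name__ == "__main__":
    msg = b"constructed sample payload"
    s = split(msg, 2)
    print(reconstruct(s, 2) == msg)          # both paths delivered
    print(reconstruct([s[0], None], 2))      # one path lost
    print(delivery_probability(0.05, 2), delivery_probability(0.05, 4))
```

Adding paths raises the number of shares an eavesdropper must capture, but every share is required for reconstruction, so the delivery probability falls with each additional path.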

Acknowledgments

This work was supported by the Austrian Research Promotion Agency (FFG) under project “RSB”, grant no. 836287.

Author information

Correspondence to Stefan Rass.

Additional information

Matthias Vavti is currently affiliated with the University as a student.

Cite this article

Rass, S., Rainer, B., Vavti, M. et al. Secure Communication over Software-Defined Networks. Mobile Netw Appl 20, 105–110 (2015). https://doi.org/10.1007/s11036-015-0582-7
