Security Policy Scheme for an Efficient Security Architecture in Software-Defined Networking

Lee, Woosik; Kim, Namgi

doi:10.3390/info8020065

Cited by 10 publications

(3 citation statements)

References 33 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Overall, various survey-based studies highlighting the vulnerabilities in LPWAN communication technologies have identified an urgent need for secure and uninterrupted communication between an end-device and the gateway for secure and effective IoT networks for large-scale IoT deployments. While there is greater potential in the emergence of software-defined network (SDN) architecture for security in IoT, the protocols in SDN are still under development [37,38].…”

Section: Related Work and Research Contributionmentioning

confidence: 99%

“…However, in such a heterogeneous operating environment, the IoT network with constrained resources is faced with significant security and privacy challenges. IoT devices with highly primitive security features are susceptible to attacks as they become entry points to infiltrate into critical infrastructures via the connected networks [38,41]. There is an escalation of new IoT threats and security risks, due to the inherent vulnerabilities in each of the four basic layers of the IoT architecture: In this section, we identify the potential risks and the key security requirements in each IoT layer from reported studies to form the key security requirements for our research problem [29,42,66,67].…”

Section: Security Requirements Of Iot Architecturementioning

confidence: 99%

See 1 more Smart Citation

Towards a Secure and Scalable IoT Infrastructure: A Pilot Deployment for a Smart Water Monitoring System

Overmars¹,

Venkatraman²

2020

Technologies

View full text Add to dashboard Cite

Recent growth in the Internet of Things (IoT) looks promising for realizing a smart environment of the future. However, concerns about the security of IoT devices are escalating as they are inherently constrained by limited resources, heterogeneity, and lack of standard security controls or protocols. Due to their inability to support state-of-the-art secure network protocols and defense mechanisms, standard security solutions are unsuitable for dynamic IoT environments that require large and smart IoT infrastructure deployments. At present, the IoT based smart environment deployments predominantly use cloud-centric approaches to enable continuous and on-demand data exchange that leads to further security and privacy risks. While standard security protocols, such as Virtual Private Networks (VPNs), have been explored for certain IoT environments recently, the implementation models reported have several variations and are not practically scalable for any dynamically scalable IoT deployment. This paper addresses current drawbacks in providing the required flexibility, interoperability, scalability, and low-cost practical viability of a secure IoT infrastructure. We propose an adaptive end-to-end security model that supports the defense requirements for a scalable IoT infrastructure. With low-cost embedded controllers, such as the Raspberry Pi, allowing for the convergence of more sophisticated networking protocols to be embedded at the IoT monitoring interface, we propose a scalable IoT security model integrating both the IoT devices and the controller as one embedded device. Our approach is unique, with a focus on the integration of a security protocol at the embedded interface. In addition, we demonstrate a prototype implementation of our IoT security model for a smart water monitoring system. We believe that our modest first step would instill future research interests in this direction.

show abstract

Section: Related Work and Research Contributionmentioning

confidence: 99%

Section: Security Requirements Of Iot Architecturementioning

confidence: 99%

Towards a Secure and Scalable IoT Infrastructure: A Pilot Deployment for a Smart Water Monitoring System

Overmars¹,

Venkatraman²

2020

Technologies

View full text Add to dashboard Cite

show abstract

“…Also, in a similar way to our proposal, SDN controllers have been used for security policy enforcement in specific scenarios [ 32 ] and for the detection of attacks such as DDoS (distributed denial of service) [ 33 ] and others [ 34 ] in that kind of network. There are also proposals for more generic intrusion detection and prevention systems for SDN-based networks [ 35 ], and the definition of security policies through these technologies has been also explored in works such as [ 36 ] or [ 37 ]. Although the use of SDN technologies is a very promising field in security, it requires the deployment of SDN-enabled devices in organizations’ networks and the modification of the current network management, which might have a high impact in terms of network reorganization and cost.…”

Section: Related Workmentioning

confidence: 99%

Automatic Translation and Enforcement of Cybersecurity Policies Using A High-Level Definition Language

Rivera

Monje

Villagrá

et al. 2019

Entropy

View full text Add to dashboard Cite

The increasing number of cyber-attacks, their potential destructive capabilities, and the enormous threat they pose for organizations, require the constant design and development of new, faster, and easier to use systems to address them. The automation of security enforcement systems is one of the most important techniques for enabling a fast response to security challenges, but the complexity of security management might hinder the successful achievement of the desired security. Our proposal integrates the automatic enforcement of security rules based on intrusion detection systems with the definition of a high-level user-centered language for the definition of policies. We have designed a translation process from this language to specific network-wise and device-aware rules that can be installed and enforced. The deployment of these rules is determined by an automatic risk assessment process ruled by the detection system monitoring the network. This way, both the automation and easiness of use goals can be achieved using an integrated system. The solution was tested and validated in two different virtualized networks.

show abstract

Effective motivational factors and comprehensive study of information security and policy challenges

Arvindhan

2022

System Assurances

View full text Add to dashboard Cite

Security Policy Scheme for an Efficient Security Architecture in Software-Defined Networking

Cited by 10 publications

References 33 publications

Towards a Secure and Scalable IoT Infrastructure: A Pilot Deployment for a Smart Water Monitoring System

Towards a Secure and Scalable IoT Infrastructure: A Pilot Deployment for a Smart Water Monitoring System

Automatic Translation and Enforcement of Cybersecurity Policies Using A High-Level Definition Language

Effective motivational factors and comprehensive study of information security and policy challenges

Contact Info

Product

Resources

About