Title :
Modelling and verification of security rules in an OpenFlow environment with Coloured Petri Nets
Author :
Torrez Rojas, Marco Antonio ; Takeo Ueda, Eduardo ; Melo de Brito Carvalho, Tereza Cristina
Author_Institution :
Dept. de Eng. de Comput. e Sist. Digitais, Escola Politec. da Univ. de Sao Paulo, Sao Paulo, Brazil
Abstract :
The discussion of alternatives to the Internet architecture has been the subject of research for several years, resulting in a number of solutions and mechanisms that can help even the current approach. Within this context, the paradigm of Software Defined Networking (SDN) is becoming popular due to recent initiatives based on OpenFlow. This article presents an analysis of security policy rules applied in an environment based on OpenFlow. The analysis of the security policy rules is based on data obtained from a simulation of a scenario, modeled using Colored Petri Nets (CPN), and validated by the state space generated from the outputs of this model. The collected results are for a specific scenario. However, the approach is useful for analyzing several types of systems. Thus, this research demonstrates that it is feasible to employ CPN to model and validate security rules in an OpenFlow-based SDN.
Keywords :
Petri nets; computer network security; protocols; CPN; Internet architecture; OpenFlow environment; OpenFlow-based SDN; coloured Petri nets; security policy rules analysis; security rule modelling; security rule validation; security rule verification; software defined networking; state space; Analytical models; Computational modeling; Data models; Internet; Petri nets; Security; Software; Coloured Petri Nets; OpenFlow; SDN; Validate security rules;
Conference_Title :
Information Systems and Technologies (CISTI), 2014 9th Iberian Conference on
Conference_Location :
Barcelona
DOI :
10.1109/CISTI.2014.6876890