Title :
Enabling Secure Mobility with OpenFlow
Author :
Namal, Suneth ; Ahmad, Ishtiaq ; Gurtov, Andrei ; Ylianttila, Mika
Author_Institution :
Dept. of Commun., Univ. of Oulu, Oulu, Finland
Abstract :
Software Defined Networking (SDN) and its one possible realization, OpenFlow, define the trends of future networks. However, the present OpenFlow architecture does not allow the switches to be mobile, e.g., in a moving train, as it would disrupt flow processing from network switches. We present OFHIP, an architecture that enables OpenFlow switches to change their IP addresses securely during mobility. OFHIP employs IPSec encapsulated security payload (ESP) in transport mode for protection against DoS, data origin authenticity, connectionless integrity, anti-replay protection, and limited traffic flow confidentiality. We demonstrate the benefits of OFHIP compared to the present use of SSL in enabling mobility, reducing the connection latency and improving the resilience to known TCP-level attacks.
Keywords :
computer network management; computer network security; DoS; IP address; Internet protocols; OFHIP architecture; OpenFlow architecture; TCP-level attacks; anti-replay protection; connectionless integrity; data origin authenticity; distributed-of-service; encapsulated security payload; network switches; software defined networking; traffic flow confidentiality; Control systems; Hip; IP networks; Mobile communication; Protocols; Security; Throughput;
Conference_Title :
Future Networks and Services (SDN4FNS), 2013 IEEE SDN for
Conference_Location :
Trento
DOI :
10.1109/SDN4FNS.2013.6702540