Analysis of policy-based security management system in software-defined networks

Author(s)
Sood, Keshav
Karmakar, Kallol Krishna
Varadharajan, Vijay
Tupakula, Uday
Yu, Shui
Publication Date
2019-04
Abstract
<p>In software-defined networks, policy-based security management or architecture (PbSA) is an ideal way to dynamically control the network. We observe that on the one hand, this enables security capabilities intelligently and enhance fine-grained control over end user behavior. But, on the other hand, dynamic variations in network, rapid increases in security attacks, geographical distribution of nodes, complex heterogeneous networks, and so on have serious effects on the performance of PbSAs. These affect the flow specific quality of service requirements with further degradation of the performance of the security context. Hence, in this letter, PbSA's performance is evaluated. The key factors including a number of rules, rule-table size, position of rules, flow arrival rate, and CPU utilization are examined, and found to have considerable impact on the performance of PbSAs.</p>
Citation
IEEE Communications Letters, 23(4), p. 612-615
ISSN
1558-2558
1089-7798
Link
Publisher
Institute of Electrical and Electronics Engineers
Title
Analysis of policy-based security management system in software-defined networks
Type of document
Journal Article
Entity Type
Publication

Files:

NameSizeformatDescriptionLink