Karmakar et al., 2016 - Google Patents
On the Design and Implementation of a Security Architecture for End to End Services in Software Defined NetworksKarmakar et al., 2016
- Document ID
- 4236304641325333826
- Author
- Karmakar K
- Varadharajan V
- Tupakula U
- Publication year
- Publication venue
- 2016 IEEE 41st Conference on Local Computer Networks (LCN)
External Links
Snippet
In this paper, we propose a policy driven security architecture for securing end to end services across multiple autonomous domain based SDN environment. We develop a language based approach to designing a range of security policies that are relevant for SDN …
- 230000014509 gene expression 0 description 19
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance or administration or management of packet switching networks
- H04L41/08—Configuration management of network or network elements
- H04L41/0803—Configuration setting of network or network elements
- H04L41/0813—Changing of configuration
- H04L41/082—Changing of configuration due to updating or upgrading of network functionality, e.g. firmware
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0254—Stateful filtering
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
- H04L63/0218—Distributed architectures, e.g. distributed firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0263—Rule management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0236—Filtering by address, protocol, port number or service, e.g. IP-address or URL
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic regulation in packet switching networks
- H04L47/10—Flow control or congestion control
- H04L47/24—Flow control or congestion control depending on the type of traffic, e.g. priority or quality of service [QoS]
- H04L47/2441—Flow classification
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance or administration or management of packet switching networks
- H04L41/08—Configuration management of network or network elements
- H04L41/0893—Assignment of logical groupings to network elements; Policy based network management or configuration
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance or administration or management of packet switching networks
- H04L41/08—Configuration management of network or network elements
- H04L41/0876—Aspects of the degree of configuration automation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance or administration or management of packet switching networks
- H04L41/08—Configuration management of network or network elements
- H04L41/0866—Checking configuration
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11750614B2 (en) | Methods and systems for dynamic creation of access control lists | |
| Ferrazani Mattos et al. | AuthFlow: authentication and access control mechanism for software defined networking | |
| Casado et al. | Ethane: Taking control of the enterprise | |
| CN1790980B (en) | Secure authentication advertisement protocol | |
| EP3213489B1 (en) | Content classification and content marking for information centric networks | |
| US9762490B2 (en) | Content filtering for information centric networks | |
| Karim et al. | Secure multipath mutation SMPM in moving target defense based on SDN | |
| Wyss et al. | Secure and scalable QoS for critical applications | |
| Varadharajan et al. | Securing communication in multiple autonomous system domains with software defined networking | |
| Lefebvre et al. | On sdpn: Integrating the software-defined perimeter (sdp) and the software-defined network (sdn) paradigms | |
| Wang et al. | A data plane security model of segmented routing based on SDP trust enhancement architecture | |
| Griffioen et al. | VIP Lanes: High-speed custom communication paths for authorized flows | |
| Karmakar et al. | On the Design and Implementation of a Security Architecture for End to End Services in Software Defined Networks | |
| Akashi et al. | A vulnerability of dynamic network address translation to denial-of-service attacks | |
| Awasthi | Network Classification for an Enterprise | |
| Taniguchi et al. | Design and Evaluation of a Proxy‐Based Monitoring System for OpenFlow Networks | |
| Aytaç et al. | Authenticated quality of service aware routing in software defined networks | |
| CN108234495B (en) | Network bandwidth allocation method based on multidimensional attribute of autonomous system | |
| Sandhu et al. | Software‐Defined Networking: Recent Developments and Potential Synergies | |
| Elmasry et al. | Network management challenges for joint forces interoperability | |
| Martins et al. | An Extensible Access Control Architecture for Software Defined Networks based on X. 812 | |
| US20250097198A1 (en) | Zero-trust packet routing | |
| Jayasekara | Advanced Computer Networks For A Company: Case Study Analysis | |
| Mwape | Performance evaluation of internet protocol security (IPSec) over multiprotocol label switching (MPLS). | |
| Koole et al. | A Comparative Analysis of Routing Policies in BGP and SCION |