Security policy transition framework for Software Defined networks

Title: Security policy transition framework for Software Defined networks
Publication Type: Conference Paper
Year of Publication: 2016
Authors: Cox, J. H., Clark, R. J., Owen, H. L.
Conference Name: 2016 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN)
Keywords: Access Control, Collaboration, computer network security, external command, governance, Government, Kinetic theory, Monitoring, NAC, Network Access Control, network application development, network operating system, Network Security Policies, NOS, policy, policy-based governance, Ports (Computers), programming frameworks, pubcrawl, RYU, Ryuretic, SDN, SDN environments, security policies, security policy transition framework, Security Policy Transitions, Software, software defined networking, Software Defined Networks

Controllers for software defined networks (SDNs) are quickly maturing to offer network operators more intuitive programming frameworks and greater abstractions for network application development. Likewise, many security solutions now exist within SDN environments for detecting and blocking clients who violate network policies. However, many of these solutions stop at triggering the security measure and give little thought to amending it. As a consequence, once the violation is addressed, no clear path exists for reinstating the flagged client beyond having the network operator reset the controller or manually implement a state change via an external command. This presents a burden for the network and its clients and administrators. Hence, we present a security policy transition framework for revoking security measures in an SDN environment once said measures are activated.

Citation Key: cox_security_2016