A Security Authentication Protocol for Trusted Domains in an Autonomous Decentralized System

Software Defined Network (SDN) architecture has been widely used in various application domains. To address the authentication and security issues of SDN architecture in autonomous decentralized system (ADS) applications, and to secure mutual trust among the autonomous controllers, we combine trusted technology with SDN architecture and introduce an SDN-based authentication protocol between trusted domains in autonomous systems that requires no trusted third party. By applying BAN predicate logic and the AVISPA security analysis tool for network interaction protocols, we can guarantee protocol security and provide complete safety tests. Our work fills the gap of mutual trust between different trusted domains and provides a security foundation for interaction between different trusted domains.
