Analysis and practical validation of a standard SDN-based framework for IPsec management

López-Millán, Gabriel; Marín-López, Rafael; Pereñíguez-García, Fernando; Cánovas, Óscar; Parra-Espín, José Antonio

Por favor, use este identificador para citar o enlazar este ítem: https://doi.org/10.1016/j.csi.2022.103665

RefMan EndNote BibTex RefWorks Excel CSV PDF Mendeley

Título:	Analysis and practical validation of a standard SDN-based framework for IPsec management
Fecha de publicación:	ene-2023
Editorial:	Elsevier
Cita bibliográfica:	Computer Standards & Interfaces, Volume 83, January 2023
ISSN:	1872-7018 0920-5489
Palabras clave:	IPSec IKE Management SDN Performance
Resumen:	The Internet Engineering Task Force (IETF), the international standardization organism for the Internet, has recently approved a standard, RFC 9061, which defines an interface and framework with which to manage IPsec SAs autonomously by using the Software Defined Networking (SDN) paradigm. In this framework, a centralized entity, the controller, sends configuration information to IPsec-enabled nodes in the network in order to create IPsec SAs. Two cases are presented: IKE-case, in which the nodes ship an IKE implementation that is configured by the controller or IKE-less, in which the controller sends the IPsec SAs directly to the nodes, among other relevant security information. This paper analyzes both cases in depth, provides a design for the controller’s operation based on Mealy state machines and obtains experimental results from a virtualized testbed so as to compare these cases, which are missing parts in the standard.
Autor/es principal/es:	López-Millán, Gabriel Marín-López, Rafael Pereñíguez-García, Fernando Cánovas, Óscar Parra-Espín, José Antonio
Facultad/Departamentos/Servicios:	Facultades, Departamentos, Servicios y Escuelas::Departamentos de la UMU::Ingeniería de la Información y las Comunicaciones
Forma parte de:	University of Murcia’s project 33713-”Gestión automática de canales de comunicación seguros mediante el paradigma de redes definidas por software ”
Versión del editor:	https://www.sciencedirect.com/science/article/pii/S0920548922000393
URI:	http://hdl.handle.net/10201/137869
DOI:	https://doi.org/10.1016/j.csi.2022.103665
Tipo de documento:	info:eu-repo/semantics/article
Número páginas / Extensión:	21
Derechos:	info:eu-repo/semantics/openAccess Attribution-NonCommercial-NoDerivatives 4.0 Internacional
Descripción:	©2023. This manuscript version is made available under the CC-BY-NC-ND 4.0 license http://creativecommons.org/licenses/by-nc-nd/4.0/ This document is the Accepted, version of a Published Work that appeared in final form in Computer Standards & Interfaces. To access the final edited and published work see https://doi.org/10.1016/j.csi.2022.103665
Aparece en las colecciones:	Artículos: Ingeniería y Tecnología de Computadores

Ficheros en este ítem:

Fichero	Descripción	Tamaño	Formato
_Article__SDN_IPSec_performance.pdf		1,34 MB	Adobe PDF	Visualizar/Abrir

Mostrar el registro Dublin Core completo del ítem Mostrar el registro PREMIS del ítem Estadísticas

Este ítem está sujeto a una licencia Creative Commons Licencia Creative Commons