Por favor, use este identificador para citar o enlazar este ítem:
https://doi.org/10.1016/j.csi.2022.103665
Twittear
Título: | Analysis and practical validation of a standard SDN-based framework for IPsec management |
Fecha de publicación: | ene-2023 |
Editorial: | Elsevier |
Cita bibliográfica: | Computer Standards & Interfaces, Volume 83, January 2023 |
ISSN: | 1872-7018 0920-5489 |
Palabras clave: | IPSec IKE Management SDN Performance |
Resumen: | The Internet Engineering Task Force (IETF), the international standardization organism for the Internet, has recently approved a standard, RFC 9061, which defines an interface and framework with which to manage IPsec SAs autonomously by using the Software Defined Networking (SDN) paradigm. In this framework, a centralized entity, the controller, sends configuration information to IPsec-enabled nodes in the network in order to create IPsec SAs. Two cases are presented: IKE-case, in which the nodes ship an IKE implementation that is configured by the controller or IKE-less, in which the controller sends the IPsec SAs directly to the nodes, among other relevant security information. This paper analyzes both cases in depth, provides a design for the controller’s operation based on Mealy state machines and obtains experimental results from a virtualized testbed so as to compare these cases, which are missing parts in the standard. |
Autor/es principal/es: | López-Millán, Gabriel Marín-López, Rafael Pereñíguez-García, Fernando Cánovas, Óscar Parra-Espín, José Antonio |
Facultad/Departamentos/Servicios: | Facultades, Departamentos, Servicios y Escuelas::Departamentos de la UMU::Ingeniería de la Información y las Comunicaciones |
Forma parte de: | University of Murcia’s project 33713-”Gestión automática de canales de comunicación seguros mediante el paradigma de redes definidas por software ” |
Versión del editor: | https://www.sciencedirect.com/science/article/pii/S0920548922000393 |
URI: | http://hdl.handle.net/10201/137869 |
DOI: | https://doi.org/10.1016/j.csi.2022.103665 |
Tipo de documento: | info:eu-repo/semantics/article |
Número páginas / Extensión: | 21 |
Derechos: | info:eu-repo/semantics/openAccess Attribution-NonCommercial-NoDerivatives 4.0 Internacional |
Descripción: | ©2023. This manuscript version is made available under the CC-BY-NC-ND 4.0 license http://creativecommons.org/licenses/by-nc-nd/4.0/ This document is the Accepted, version of a Published Work that appeared in final form in Computer Standards & Interfaces. To access the final edited and published work see https://doi.org/10.1016/j.csi.2022.103665 |
Aparece en las colecciones: | Artículos: Ingeniería y Tecnología de Computadores |
Ficheros en este ítem:
Fichero | Descripción | Tamaño | Formato | |
---|---|---|---|---|
_Article__SDN_IPSec_performance.pdf | 1,34 MB | Adobe PDF | Visualizar/Abrir |
Este ítem está sujeto a una licencia Creative Commons Licencia Creative Commons