Abstract

To address the problem that network topology changes frequently in an SDN (Software Defined Network) environment, which makes fine-grained access control difficult to implement, the ABAC (Attribute-Based Access Control) model is extended by introducing security levels, using SDN's separation of forwarding and control and its software programmability. A security level is defined for the attributes of subjects and objects to establish an access mapping relationship based on mandatory access rules. At the same time, with the secure access path as an SDN access control attribute, a dynamic generation method for access control paths based on the PSO (Particle Swarm Optimization) algorithm is designed to ensure the security of access data flows. Prototype system experiments show that the proposed method takes into account the fine-grained and dynamic requirements of SDN access control, and improves the access security of SDN while ensuring access efficiency.

Highlights

  • Software-defined networking (SDN) is designed to effectively solve the problems of the complex structure of traditional network forwarding units and inefficient network management [1] [2]

  • With the secure access path as an SDN access control attribute, a dynamic generation method for access control paths based on the PSO (Particle Swarm Optimization) algorithm is designed to ensure the security of access data flows

  • This paper integrates the BLP and BIBA mandatory access control mechanisms, extends the attribute-based access control (ABAC) model, designs new access control rules for E-ABAC, takes the security level of switching equipment as an SDN environment attribute, designs a secure path planning method based on the PSO algorithm, and makes full use of SDN flow table update characteristics to ensure data flow security


Summary

A Dynamic Access Control Method for SDN

How to cite this paper: Chang, D.X., Sun, W.Z., Yang, Y.J. and Wang, T.T. (2019) A Dynamic Access Control Method for SDN. Journal of Computer and Communications, 7, 105-115. Received: September 21, 2019. Accepted: October 9, 2019. Published: October 16, 2019.

Introduction
E-ABAC Model Based on Security Level
New Access Control Rules
Access Control Based on SDN Flow Table
Secure Path Planning Algorithms
Implementation and Evaluation
Prototype Implementation
Experiment and Result Analysis
Conclusion
