Abstract

Successful execution of future network-centric military operations relies on effective enforcement of both need-to-know and responsibility- to-share principles. In modern military missions and coalitions, which have an increasingly agile character, a promising solution is to enforce security policies based on the properties of individual information objects - we call this approach content-based security. This article discusses the enforcement of content-based security policies at the different layers of the TCP/ IP model, and introduces a proof-of-concept implementation of a content-based protection and release mechanism in a software-defined networking environment. Our aim is to provide consistent enforcement of security policies across multiple system layers and multiple security dimensions (confidentiality, integrity, and availability). The results of an analysis of a concrete example of a software-defined network emulated in Mininet are encouraging and confirm the effectiveness of our approach with respect to improving protection of data in transit. The work presented in this article offers a basis for further research in this area.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.