Enabling Virtual AAA Management in SDN-Based IoT Networks †

The increase of Software Defined Networks (SDN) and Network Function Virtualization (NFV) technologies is bringing many security management benefits that can be exploited at the edge of Internet of Things (IoT) networks to deal with cyber-threats. In this sense, this paper presents and evaluates a n...

Descripción completa

Detalles Bibliográficos
Autores principales: Molina Zarca, Alejandro, Garcia-Carrillo, Dan, Bernal Bernabe, Jorge, Ortiz, Jordi, Marin-Perez, Rafael, Skarmeta, Antonio
Formato: Online Artículo Texto
Lenguaje:English
Publicado: MDPI 2019
Materias:
Article
Acceso en línea:https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6359622/
https://www.ncbi.nlm.nih.gov/pubmed/30642089
http://dx.doi.org/10.3390/s19020295
_version_ 1783392303610593280
author Molina Zarca, Alejandro
Garcia-Carrillo, Dan
Bernal Bernabe, Jorge
Ortiz, Jordi
Marin-Perez, Rafael
Skarmeta, Antonio
author_facet Molina Zarca, Alejandro
Garcia-Carrillo, Dan
Bernal Bernabe, Jorge
Ortiz, Jordi
Marin-Perez, Rafael
Skarmeta, Antonio
author_sort Molina Zarca, Alejandro
collection PubMed
description The increase of Software Defined Networks (SDN) and Network Function Virtualization (NFV) technologies is bringing many security management benefits that can be exploited at the edge of Internet of Things (IoT) networks to deal with cyber-threats. In this sense, this paper presents and evaluates a novel policy-based and cyber-situational awareness security framework for continuous and dynamic management of Authentication, Authorization, Accounting (AAA) as well as Channel Protection virtual security functions in IoT networks enabled with SDN/NFV. The virtual AAA, including network authenticators, are deployed as VNF (Virtual Network Function) dynamically at the edge, in order to enable scalable device’s bootstrapping and managing the access control of IoT devices to the network. In addition, our solution allows distributing dynamically the necessary crypto-keys for IoT Machine to Machine (M2M) communications and deploy virtual Channel-protection proxys as VNFs, with the aim of establishing secure tunnels among IoT devices and services, according to the contextual decisions inferred by the cognitive framework. The solution has been implemented and evaluated, demonstrating its feasibility to manage dynamically AAA and channel protection in SDN/NFV-enabled IoT scenarios.
format Online
Article
Text
id pubmed-6359622
institution National Center for Biotechnology Information
language English
publishDate 2019
publisher MDPI
record_format MEDLINE/PubMed
spelling pubmed-63596222019-02-06 Enabling Virtual AAA Management in SDN-Based IoT Networks † Molina Zarca, Alejandro Garcia-Carrillo, Dan Bernal Bernabe, Jorge Ortiz, Jordi Marin-Perez, Rafael Skarmeta, Antonio Sensors (Basel) Article The increase of Software Defined Networks (SDN) and Network Function Virtualization (NFV) technologies is bringing many security management benefits that can be exploited at the edge of Internet of Things (IoT) networks to deal with cyber-threats. In this sense, this paper presents and evaluates a novel policy-based and cyber-situational awareness security framework for continuous and dynamic management of Authentication, Authorization, Accounting (AAA) as well as Channel Protection virtual security functions in IoT networks enabled with SDN/NFV. The virtual AAA, including network authenticators, are deployed as VNF (Virtual Network Function) dynamically at the edge, in order to enable scalable device’s bootstrapping and managing the access control of IoT devices to the network. In addition, our solution allows distributing dynamically the necessary crypto-keys for IoT Machine to Machine (M2M) communications and deploy virtual Channel-protection proxys as VNFs, with the aim of establishing secure tunnels among IoT devices and services, according to the contextual decisions inferred by the cognitive framework. The solution has been implemented and evaluated, demonstrating its feasibility to manage dynamically AAA and channel protection in SDN/NFV-enabled IoT scenarios. MDPI 2019-01-12 /pmc/articles/PMC6359622/ /pubmed/30642089 http://dx.doi.org/10.3390/s19020295 Text en © 2019 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).
spellingShingle Article
Molina Zarca, Alejandro
Garcia-Carrillo, Dan
Bernal Bernabe, Jorge
Ortiz, Jordi
Marin-Perez, Rafael
Skarmeta, Antonio
Enabling Virtual AAA Management in SDN-Based IoT Networks †
title Enabling Virtual AAA Management in SDN-Based IoT Networks †
title_full Enabling Virtual AAA Management in SDN-Based IoT Networks †
title_fullStr Enabling Virtual AAA Management in SDN-Based IoT Networks †
title_full_unstemmed Enabling Virtual AAA Management in SDN-Based IoT Networks †
title_short Enabling Virtual AAA Management in SDN-Based IoT Networks †
title_sort enabling virtual aaa management in sdn-based iot networks †
topic Article
url https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6359622/
https://www.ncbi.nlm.nih.gov/pubmed/30642089
http://dx.doi.org/10.3390/s19020295
work_keys_str_mv AT molinazarcaalejandro enablingvirtualaaamanagementinsdnbasediotnetworks
AT garciacarrillodan enablingvirtualaaamanagementinsdnbasediotnetworks
AT bernalbernabejorge enablingvirtualaaamanagementinsdnbasediotnetworks
AT ortizjordi enablingvirtualaaamanagementinsdnbasediotnetworks
AT marinperezrafael enablingvirtualaaamanagementinsdnbasediotnetworks
AT skarmetaantonio enablingvirtualaaamanagementinsdnbasediotnetworks

Ejemplares similares