User Trust for Access Control in Software Defined Networking

摘要

The proposition of increased innovation in network applications and reduced cost for network operators has won over the networking world to the vision of Software-Defined Networking (SDN). In this new architecture, the network resources at the data plane are shared and different tenants can have competing objectives. Therefore, mechanisms are needed to protect the network resources from unauthorized access. Considering the security requirements and resource consumption, this study presents an user trust method for more finely granular access control. It is able to make control decisions in response to the different user and resources. Rigorous analysis and extensive simulations have demonstrated its distinguished performance in terms of user identity identification, user rights adjustment and effectively denied malicious access.