Controller-Oblivious Dynamic Access Control in Software-Defined Networks | |
---|---|
Author | |
Abstract |
Conventional network access control approaches are static (e.g., user roles in Active Directory), coarse-grained (e.g., 802.1x), or both (e.g., VLANs). Such systems are unable to meaningfully stop or hinder motivated attackers seeking to spread throughout an enterprise network. To address this threat, we present Dynamic Flow Isolation (DFI), a novel architecture for supporting dynamic, fine-grained access control policies enforced in a Software-Defined Network (SDN).
|
Year of Publication |
2019
|
Conference Name |
29th IEEE/IFIP International Conference on Dependable Systems and Networks
|
Date Published |
06/2019
|
Publisher |
IEEE
|
Conference Location |
Portland, OR, USA
|
ISBN Number |
978-1-7281-0057-9
|
Accession Number |
18940692
|
URL |
https://ieeexplore.ieee.org/document/8809519
|
DOI |
10.1109/DSN.2019.00053
|
Google Scholar | BibTeX | XML | DOI |