The KISS principle in software-defined networking: A framework for secure communications

Diego Kreutz; Jiangshan Yu; Paulo Esteves-Verissimo; Catia Magalhaes; Fernando M.V. Ramos

doi:10.1109/MSP.2018.3761717

The KISS principle in software-defined networking: A framework for secure communications

Diego Kreutz, Jiangshan Yu, Paulo Esteves-Verissimo, Catia Magalhaes, Fernando M.V. Ramos

Department of Software Systems & Cybersecurity

Research output: Contribution to journal › Article › Research › peer-review

6 Citations (Scopus)

Abstract

The pace of adoption of secure mechanisms in software-defined networking (SDN) has been slow, largely due to traditional solutions' performance overhead and their support infrastructure's complexity. To address these challenges, we propose KISS, a secure SDN control plane communications architecture that includes innovative solutions in the context of key distribution and secure channel support.

Original language	English
Article number	8490167
Pages (from-to)	60-70
Number of pages	11
Journal	IEEE Security and Privacy
Volume	16
Issue number	5
DOIs	https://doi.org/10.1109/MSP.2018.3761717
Publication status	Published - 11 Oct 2018

Keywords

cryptographic primitives
integrated device verification value iDVV
perfect forward secrecy
performance
SDN
security
software-defined networking
system architecture

Access to Document

10.1109/MSP.2018.3761717

Link to publication in Scopus

Cite this

@article{c3430b6f96254e73b4b5b54f60ed157c,

title = "The KISS principle in software-defined networking: A framework for secure communications",

abstract = "The pace of adoption of secure mechanisms in software-defined networking (SDN) has been slow, largely due to traditional solutions' performance overhead and their support infrastructure's complexity. To address these challenges, we propose KISS, a secure SDN control plane communications architecture that includes innovative solutions in the context of key distribution and secure channel support.",

keywords = "cryptographic primitives, integrated device verification value iDVV, perfect forward secrecy, performance, SDN, security, software-defined networking, system architecture",

author = "Diego Kreutz and Jiangshan Yu and Paulo Esteves-Verissimo and Catia Magalhaes and Ramos, {Fernando M.V.}",

year = "2018",

month = oct,

day = "11",

doi = "10.1109/MSP.2018.3761717",

language = "English",

volume = "16",

pages = "60--70",

journal = "IEEE Security and Privacy",

issn = "1540-7993",

publisher = "IEEE, Institute of Electrical and Electronics Engineers",

number = "5",

}

TY - JOUR

T1 - The KISS principle in software-defined networking

T2 - A framework for secure communications

AU - Kreutz, Diego

AU - Yu, Jiangshan

AU - Esteves-Verissimo, Paulo

AU - Magalhaes, Catia

AU - Ramos, Fernando M.V.

PY - 2018/10/11

Y1 - 2018/10/11

N2 - The pace of adoption of secure mechanisms in software-defined networking (SDN) has been slow, largely due to traditional solutions' performance overhead and their support infrastructure's complexity. To address these challenges, we propose KISS, a secure SDN control plane communications architecture that includes innovative solutions in the context of key distribution and secure channel support.

AB - The pace of adoption of secure mechanisms in software-defined networking (SDN) has been slow, largely due to traditional solutions' performance overhead and their support infrastructure's complexity. To address these challenges, we propose KISS, a secure SDN control plane communications architecture that includes innovative solutions in the context of key distribution and secure channel support.

KW - cryptographic primitives

KW - integrated device verification value iDVV

KW - perfect forward secrecy

KW - performance

KW - SDN

KW - security

KW - software-defined networking

KW - system architecture

UR - http://www.scopus.com/inward/record.url?scp=85055575337&partnerID=8YFLogxK

U2 - 10.1109/MSP.2018.3761717

DO - 10.1109/MSP.2018.3761717

M3 - Article

AN - SCOPUS:85055575337

VL - 16

SP - 60

EP - 70

JO - IEEE Security and Privacy

JF - IEEE Security and Privacy

SN - 1540-7993

IS - 5

M1 - 8490167

ER -