
Secure Communication over Software-Defined Networks

  • Conference paper
Internet of Things. IoT Infrastructures (IoT360 2014)

Abstract

We report on work in progress towards a practical implementation of a software defined overlay network that provides data delivery services at a freely definable and provably optimized quality of service. Our example implementation establishes transparent secure transmission, where security is in terms of confidentiality, authenticity and availability. Using general techniques from game-theory, we show how to simultaneously optimize several performance indicators of a transmission service, taking care of interdependencies and using security as a showcase application.

Notes

  1. We deviate from the standard setting in enterprise security, where integrity replaces authenticity. However, since authenticity usually implies integrity on a technical level, we can safely go with our modified “definition” here.

  2. Here, we neglect issues of IT administration to properly set up and run the underlying system, which may be far from a trivial task.

  3. Actually, a rather simplified version of perfectly secure MPT, which splits a message m into a set of random strings so that their XOR recreates m. Despite there being much better practical protocols, in case of two-path transmissions, our scheme is isomorphic to a one-time pad and thus unbreakable. This security is, however, bought at a higher risk of communication failure in case that one or more packets get lost. Thus, the two goals “confidentiality” and “availability” are somewhat conflicting.
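The XOR splitting described in note 3, as an added Python example that is not code from the paper. The function names are hypothetical, the sample message is constructed, and `delivery_probability` assumes independent, identical loss rates per path, which the page does not state.

```python
import secrets
from functools import reduce


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Byte-wise XOR of two equal-length strings."""
    if len(a) != len(b):
        raise ValueError("shares must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


def split(message: bytes, paths: int) -> list[bytes]:
    """Split `message` into one share per path; the XOR of all shares is the message."""
    if paths < 2:
        raise ValueError("need at least two paths")
    # paths-1 shares are uniformly random strings of the message length.
    shares = [secrets.token_bytes(len(message)) for _ in range(paths - 1)]
    # The last share is fixed so that all shares together XOR back to m.
    shares.append(reduce(xor_bytes, shares, message))
    return shares


def combine(shares: list[bytes]) -> bytes:
    """Receiver side: XOR every share that arrived."""
    return reduce(xor_bytes, shares)


def consistent_share(observed: bytes, candidate: bytes) -> bytes:
    """Two-path case: the unseen share under which `candidate` would be the message.

    Such a share exists for every candidate of the right length, which is the
    one-time-pad property: one observed share rules out no message.
    """
    return xor_bytes(observed, candidate)


def delivery_probability(paths: int, loss: float) -> float:
    """Probability that every share arrives (assumed independent per-path loss)."""
    return (1.0 - loss) ** paths


if __name__ == "__main__":
    m = b"meter reading 42"  # constructed sample message
    s = split(m, 2)
    print(combine(s) == m)                   # both shares arrive: m recovered
    print(delivery_probability(2, 0.1))      # availability cost of two paths
    print(delivery_probability(4, 0.1))      # more paths, lower delivery rate
```

Each additional path is another share that must arrive, which is the confidentiality versus availability conflict the note points out.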

Acknowledgements

This work was supported by the Austrian Research Promotion Agency (FFG) under project grant no. 836287.

Corresponding author

Correspondence to Stefan Rass.

Copyright information

© 2015 Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Rass, S., Rainer, B., Vavti, M., Göllner, J., Peer, A., Schauer, S. (2015). Secure Communication over Software-Defined Networks. In: Giaffreda, R., Cagáňová, D., Li, Y., Riggio, R., Voisard, A. (eds) Internet of Things. IoT Infrastructures. IoT360 2014. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 151. Springer, Cham. https://doi.org/10.1007/978-3-319-19743-2_31

  • DOI: https://doi.org/10.1007/978-3-319-19743-2_31

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-19742-5

  • Online ISBN: 978-3-319-19743-2

  • eBook Packages: Computer Science, Computer Science (R0)
