Skip to main content
SpringerLink
Log in

Authentication-Centric and Access-Controlled Architecture for Edge-Empowered SDN-IoT Networks

  • ORIGINAL CONTRIBUTION
  • Published:
Journal of The Institution of Engineers (India): Series B Aims and scope Submit manuscript

Abstract

When software-defined networks (SDN) are combined with the Internet of Things (IoT), the scalability of IoT devices is reduced since SDNs manage the network through a centralized controller that attackers easily manipulate. This makes SDNs more susceptible to attacks. The previous approaches had problems with trust management and controller scalability and focused primarily on protecting access control to the SDN controller. All users and apps are registered with characteristics using the Keccak-256 hashing approach in the recommended secure authentication and access control architecture. Digital certificates are issued using the Bliss-B approach that relies on the registration, therefore verifying the authenticity of the authentication. By taking qualities, permitted behaviors, and temporal aspects into account, Soft Actor-Critic (SAC) generates rules for authorized users to enhance network security. By confirming and keeping those rules in a database, the administrator minimizes policy disputes. The improved fuzzy-based decision-making algorithm (IFDA) is used to compute trust and provide access control for the generated policies. A non-cooperative game model calculates individual and general user and application policies for direct and indirect trust. Lastly, the forensic-based investigation algorithm (FBI), which speeds up reaction times and maximizes resource use, provides services to trusted users by quality service and SLA standards. The iFogSim tool is utilized to validate the proposed work, and multiple metrics are employed to validate the performance comparisons between the planned and existing works. The simulation results demonstrate that the suggested secure authentication and access control framework performs better than previous efforts.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5

Similar content being viewed by others

Data  and Material Accessibility

Since no new data were generated or examined in thisstudy, data accessibility is not relevant to this publication.

References

  1. J. Zhang, H. Chen, L. Gong, J. Cao, Z. Gu, The Current Research of IoT Security. 2019 IEEE Fourth International Conference on Data Science in Cyberspace (DSC), (Hangzhou, China, 2019), pp. 346-353, https://doi.org/10.1109/DSC.2019.00059

  2. K. Ragothaman, Y. Wang, B. Rimal, M. Lawrence, Access control for IoT: a survey of existing research, dynamic policies and future directions. Sensors 23(4), 1805 (2023). https://doi.org/10.3390/s23041805

    Article  Google Scholar 

  3. J. Zhao, H. Hu, F. Huang, Y. Guo, L. Liao, Authentication technology in internet of things and privacy security issues in typical application scenarios. Electronics 12(8), 1812 (2023). https://doi.org/10.3390/electronics12081812

    Article  Google Scholar 

  4. A.K. Ranjan, S. Gaurav, Access Control and Authentication in the Internet of Things Environment, in Connectivity Frameworks for Smart Devices. ed. by Z. Mahmood (Springer, Cham, 2016), pp.283–305

    Chapter  Google Scholar 

  5. P. Kumari, A.K. Jain, SDN-Enabled IoT to Combat the DDoS Attacks, in Communication and Intelligent Systems ICCIS Lecture Notes in Networks and Systems. ed. by H. Sharma, V. Shrivastava, K.K. Bharti, L. Wang (Springer, Singapore, 2022)

    Google Scholar 

  6. K. K. Karmakar, V. Varadharajan, S. Nepal, U. Tupakula SDN enabled secure IoT architecture. IFIP/IEEE Symposium on Integrated Network and Service Management (IM) Arlington VA USA pp. 581 585 (2019)

  7. N. Kammoun et al. A new SDN architecture based on trust management and access control for IoT. Leonard Barolli, Flora Amato, Francesco Moscato, Tomoya Enokido, Makoto Takizawa (eds.) Web, Artificial Intelligence and Network Applications: Proceedings of the Workshops of the 34th International Conference on Advanced Information Networking and Applications (WAINA-2020) Springer International Publishing Cham pp. 245 254 (2020) https://doi.org/10.1007/978-3-030-44038-1_23

  8. D. Bringhenti, J. Yusupov, A. Zarca, F. Valenza, R. Sisto, J.B. Bernabe, A. Skarmeta, Automatic, verifiable, and optimized policy-based security enforcement for SDN-aware IoT networks. Comput. Netw.. Netw. 213, 109123 (2022). https://doi.org/10.1016/j.comnet.2022.109123

    Article  Google Scholar 

  9. A. Wani, S. Revathi Analyzing threats of IoT networks using SDN based intrusion detection system. Pushpak Bhattacharyya, Hanumat G. Sastry, Venkatadri Marriboyina, Rashmi Sharma (eds.) Smart and Innovative Trends in Next Generation Computing Technologies Springer Singapore 536 542 (2018) https://doi.org/10.1007/978-981-10-8660-1_41

  10. J. Chen, Z. Tian, X. Cui et al., Trust architecture and reputation evaluation for internet of things. J. Ambient. Intell. Human Comput 10, 3099–3107 (2019). https://doi.org/10.1007/s12652-018-0887-z

    Article  Google Scholar 

  11. A. Al Hayajneh, M.Z.A. Bhuiyan, I. McAndrew, Improving internet of things (IoT) Security with software-defined networking (SDN). Computers 9(1), 8 (2020). https://doi.org/10.3390/computers9010008

    Article  Google Scholar 

  12. S. K. Tayyaba, M. A. Shah, O. A. Khan, A. W. Ahmed Software defined network (SDN) Based Internet of Things (IoT): A Road Ahead (2017) https://doi.org/10.1145/3102304.3102319

  13. S. Sciancalepore et al. Oauth-iot: An access control framework for the internet of things based on open standards. Computers and Communications (ISCC) 2017 IEEE Symposium on, 676–681 (2017)

  14. R. Mouha, Internet of things (IoT). J. Anal. Inf. Process. 9, 77–101 (2021). https://doi.org/10.4236/jdaip.2021.92006

    Article  Google Scholar 

  15. P. V. Dudhe, N. V. Kadam, R. M. Hushangabade, M. S. Deshmukh Internet of things (IOT): an overview and its applications. 2017 International Conference on Energy, Communication, Data Analytics and Soft Computing (ICECDS) Chennai India 2650–2653 (2017) doi: https://doi.org/10.1109/ICECDS.2017.8389935

  16. O. Flauzac, C. González, A. Hachani, F. Nolot SDN Based Architecture for IoT and Improvement of the Security. In: 2015 IEEE 29th International Conference on Advanced Information Networking and Applications Workshops, Gwangju Korea (South) pp. 688–693 (2015) doi: https://doi.org/10.1109/WAINA.2015.110

  17. F. Nife, Z. Kotulski New SDN-oriented authentication and access control mechanism. International Conference on Computer Networks springer International Publishing 74 88 (2018) https://doi.org/10.1007/978-3-319-92459-5_7

  18. R. Aschoff, D. Rosendo, M. Machado, A. Santos, D. Sadok A network access control solution combining OrBAC and SDN. 2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM) Lisbon Portugal pp. 483-489 (2017) https://doi.org/10.23919/INM.2017.7987316

  19. P. Krishnan, K. Jain, A. Aldweesh et al., OpenStackDP: a scalable network security framework for SDN-based OpenStack cloud infrastructure. J Cloud Comp 12, 26 (2023). https://doi.org/10.1186/s13677-023-00406-w

    Article  Google Scholar 

  20. B. Alzahrani, S.A. Chaudhry, An identity-based encryption method for sdn-enabled source routing systems. Secur. Commun. Netw. 2022, 1–7 (2022). https://doi.org/10.1155/2022/1942097

    Article  Google Scholar 

  21. X. J. Li, M. Ma, C. W. Hlaing Improved handshaking procedures for transport layer security in software defined networks. TENCON 2021 - 2021 IEEE Region 10 Conference (TENCON), Auckland New Zealand pp. 305–310 (2021) https://doi.org/10.1109/TENCON54134.2021.9707184.

  22. S. Pradeep, Y.K. Sharma, U.K. Lilhore et al., Developing an SDN security model (EnsureS) based on lightweight service path validation with batch hashing and tag verification. Sci. Rep. 13, 17381 (2023). https://doi.org/10.1038/s41598-023-44701-7

    Article  Google Scholar 

  23. B. Sousa, C. Gonçalves, FedAAA-SDN: federated authentication, authorization and accounting in SDN controllers. Comp. Netw. 239, 110130 (2024). https://doi.org/10.1016/j.comnet.2023.110130

    Article  Google Scholar 

  24. D. T. Tuan, P. T. Duy, L. C. Hau, V. H. Pham A Blockchain-based authentication and access control for smart devices in SDN-enabled networks for metaverse. 2022 9th NAFOSTED Conference on Information and Computer Science (NICS) Ho Chi Minh City Vietnam pp. 123–128 (2022) doi: https://doi.org/10.1109/NICS56915.2022.10013416.

  25. A. Bhattacharya, R. Rana, S. Datta, V. U. P4-sKnock: A two-level host authentication and access control mechanism in P4 based SDN. In: 2022 27th Asia Pacific Conference on Communications (APCC) Jeju Island Republic of Korea pp. 278–283 (2022) doi: https://doi.org/10.1109/APCC55198.2022.9943765.

  26. W. Iqbal et al., ALAM: anonymous lightweight authentication mechanism for sdn-enabled smart homes. IEEE Internet Things J. 8(12), 9622–9633 (2021). https://doi.org/10.1109/JIOT.2020.3024058

    Article  Google Scholar 

  27. A. Kumar, G. Ganapathy, A modified approach for Kerberos authentication protocol with secret image by using visual cryptography. Int. J. Appl. Eng. Res. 12, 11218–11223 (2017)

    Google Scholar 

  28. K.N. Ambili, J. Jose, A secure software defined networking based framework for IoT networks. J. Inf. Secur. Appl. 2020, 1–19 (2020)

    Google Scholar 

  29. O. Salman, I. H. Elhajj, A. Chehab, A. I. Kayssi Software Defined IoT security framework. 2017 Fourth International Conference on Software Defined Systems (SDS), 75-80 (2017)

  30. F. Alqahtani, Z. Al-Makhadmeh, A. Tolba, O. Said, TBM: a trust-based monitoring security scheme to improve the service authentication in the internet of things communications. Comput. Commun.. Commun. (2020). https://doi.org/10.1016/j.comcom.2019.11.030

    Article  Google Scholar 

  31. A. Al-Alaj, R. Krishnan, R. Sandhu ParaSDN: An access control model for SDN applications based on parameterized roles and permissions. 2020 IEEE 6th International Conference on Collaboration and Internet Computing (CIC) Atlanta GA USA pp. 107–116 (2020) doi: https://doi.org/10.1109/CIC50333.2020.00022.

  32. D. Chang, W. Sun, Y. Yang, T. Wang An E-ABAC-based SDN access control method. 6th International Conference on Information Science and Control Engineering (ICISCE) Shanghai China pp. 668–672 (2019) doi: https://doi.org/10.1109/ICISCE48695.2019.00138.

  33. A. Al-Alaj, R. Krishnan, R. Sandhu, SDN-RBAC: An access control model for SDN controller applications. 4th International Conference on Computing, Communications and Security (ICCCS) Rome Italy pp. 1–8 (2019) doi: https://doi.org/10.1109/CCCS.2019.8888031.

  34. Y. Tseng, M. Pattaranantakul, R. He, Z. Zhang, F. Naït-Abdesselam Controller DAC: securing SDN controller with dynamic access control. 2017 IEEE International Conference on Communications (ICC) Paris France pp. 1–6 (2017) doi: https://doi.org/10.1109/ICC.2017.7997249.

  35. X. Zhu, ChaoWen Chang, Q. Xi, ZhiBin Zuo, Attribute-guard: attribute-based flow access control framework in software-defined networking. Secur. Commun. Netw. 6302739, 18 (2020). https://doi.org/10.1155/2020/6302739

    Article  Google Scholar 

  36. H. Kang, V. Yegneswaran, S. Ghoshz, P. Porras, S. Shin Automated permission model generation for securing SDN control-plane. In: IEEE Transactions on Information Forensics and Security 1–1 (2019) Doi: https://doi.org/10.1109/tifs.2019.2946928.

  37. T. Hu, Z. Zhang, P. Yi, D. Liang, Z. Li, Q. Ren, Y. Hu, J. Lan, SEAPP: A secure application management framework based on REST API access control in SDN-enabled cloud environment. J. Parallel Distrib. Comput. 147, 108–123 (2021)

    Article  Google Scholar 

  38. X. Leng, K. Hou, Y. Chen, K. Bu, L. Song, Y. Li, A lightweight policy enforcement system for resource protection and management in the SDN-based cloud. Comput. Networks 161, 68–81 (2019)

    Article  Google Scholar 

Download references

Funding

No funding available.

Author information

Authors and Affiliations

  1. Department of CSE, GITAM School of Technology, GITAM University, Bengaluru, Karnataka, India

    D. S. Sahana & S. H. Brahmananda

Authors
  1. D. S. Sahana
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. S. H. Brahmananda
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to D. S. Sahana.

Ethics declarations

Conflict of Interest

There are no competing interests that the author has disclosed.

Ethical Approval

The paper accurately and thoroughly reflects the authors’ research and analysis.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Sahana, D.S., Brahmananda, S.H. Authentication-Centric and Access-Controlled Architecture for Edge-Empowered SDN-IoT Networks. J. Inst. Eng. India Ser. B (2024). https://doi.org/10.1007/s40031-024-01053-8

Download citation

  • Received:

  • Accepted:

  • Published:

  • DOI: https://doi.org/10.1007/s40031-024-01053-8

Keywords

Search

Navigation