SDN Data Plane Egress Peer Authentication Using DH-CHAP
| Published in | 2023 IEEE Women in Technology Conference (WINTECHCON) pp. 1 - 6 |
|---|---|
| Main Authors | , , |
| Format | Conference Proceeding |
| Language | English |
| Published | IEEE, 21.09.2023 |
| Subjects | |
| DOI | 10.1109/WINTECHCON58518.2023.10277297 |
| Summary | Software Defined Network (SDN) is slowly evolving from traditional networking with the proven scope of better performance and reliability. Its dynamic architectural configuration has led to applications having increased control over network devices by managing flow rules and policies. Similarly, Storage Area Network (SAN) supports centralized storage management by presenting shared pools of storage devices to multiple servers, leveraging a dedicated and high-speed network. Both SDN and SAN face many common and inevitable threats due to the vulnerabilities present in the network. In SDN, there is a lot of existing and ongoing research on security models from the application plane to the control plane, introducing various authentication modules and authorization mechanisms, whereas security at the data plane level receives less focus, and even the existing research concentrates mainly on source authentication and path validation protocols. Based on an extensive study of the security protocols used in SAN, it has been proven that the DH-CHAP algorithm (an FC-SP based authentication protocol that uses a key exchange mechanism for peer node validation) is very efficient and secure for peer-to-peer authentication. This paper aims to bring the spotlight on the DH-CHAP protocol and how it naturally fits into the centralized architecture of SDN, with the control plane taking the role of an authenticator. This proposed approach can lead to a threat-proof and more secure network when implemented along with the existing security practices. |