Publication: Analysis and practical validation of a standard SDN-based framework for IPsec management
| dc.contributor.author | Marín-López, Rafael | |
| dc.contributor.author | Cánovas, Óscar | |
| dc.contributor.author | Parra-Espín, José Antonio | |
| dc.contributor.author | López Millán, Gabriel | |
| dc.contributor.author | Pereñíguez García, Fernando | |
| dc.contributor.department | Ingeniería y Tecnología de Computadores | |
| dc.date.accessioned | 2024-01-28T09:26:18Z | |
| dc.date.available | 2024-01-28T09:26:18Z | |
| dc.date.issued | 2023-01 | |
| dc.description | ©2023. This manuscript version is made available under the CC-BY-NC-ND 4.0 license http://creativecommons.org/licenses/by-nc-nd/4.0/ This document is the Accepted, version of a Published Work that appeared in final form in Computer Standards & Interfaces. To access the final edited and published work see https://doi.org/10.1016/j.csi.2022.103665 | es |
| dc.description.abstract | The Internet Engineering Task Force (IETF), the international standardization organism for the Internet, has recently approved a standard, RFC 9061, which defines an interface and framework with which to manage IPsec SAs autonomously by using the Software Defined Networking (SDN) paradigm. In this framework, a centralized entity, the controller, sends configuration information to IPsec-enabled nodes in the network in order to create IPsec SAs. Two cases are presented: IKE-case, in which the nodes ship an IKE implementation that is configured by the controller or IKE-less, in which the controller sends the IPsec SAs directly to the nodes, among other relevant security information. This paper analyzes both cases in depth, provides a design for the controller’s operation based on Mealy state machines and obtains experimental results from a virtualized testbed so as to compare these cases, which are missing parts in the standard. | es |
| dc.format | application/pdf | es |
| dc.format.extent | 21 | es |
| dc.identifier.citation | Computer Standards & Interfaces, Volume 83, January 2023 | |
| dc.identifier.doi | https://doi.org/10.1016/j.csi.2022.103665 | |
| dc.identifier.issn | 1872-7018 | |
| dc.identifier.issn | 0920-5489 | |
| dc.identifier.uri | http://hdl.handle.net/10201/137869 | |
| dc.language | eng | es |
| dc.publisher | Elsevier | es |
| dc.relation | Sin financiación externa a la Universidad | es |
| dc.relation.ispartof | University of Murcia’s project 33713-”Gestión automática de canales de comunicación seguros mediante el paradigma de redes definidas por software ” | es |
| dc.relation.publisherversion | https://www.sciencedirect.com/science/article/pii/S0920548922000393 | es |
| dc.rights | info:eu-repo/semantics/openAccess | es |
| dc.rights | Attribution-NonCommercial-NoDerivatives 4.0 Internacional | * |
| dc.rights.uri | http://creativecommons.org/licenses/by-nc-nd/4.0/ | * |
| dc.subject | IPSec | es |
| dc.subject | IKE Management | es |
| dc.subject | SDN | es |
| dc.subject | Performance | es |
| dc.title | Analysis and practical validation of a standard SDN-based framework for IPsec management | es |
| dc.type | info:eu-repo/semantics/article | es |
| dspace.entity.type | Publication | es |
| relation.isAuthorOfPublication | 95fd6dd8-97d5-4335-a962-f693b20779ba | |
| relation.isAuthorOfPublication | 11194db1-33ae-4229-8840-6821d0de651e | |
| relation.isAuthorOfPublication.latestForDiscovery | 95fd6dd8-97d5-4335-a962-f693b20779ba |
Collections
Este ítem está sujeto a una licencia Creative Commons. http://creativecommons.org/licenses/by-nc-nd/4.0/