当前位置:
X-MOL 学术
›
Int. J. Commun. Syst.
›
论文详情
Our official English website, www.x-mol.net, welcomes your
feedback! (Note: you will need to create a separate account there.)
ROCA: Auto‐resolving overlapping and conflicts in Access Control List policies for Software Defined Networking
International Journal of Communication Systems ( IF 1.7 ) Pub Date : 2021-04-13 , DOI: 10.1002/dac.4815 Awais Bin Asif 1 , Muhammad Imran 2 , Nadir Shah 1 , Mehtab Afzal 3 , Hasnat Khurshid 2
International Journal of Communication Systems ( IF 1.7 ) Pub Date : 2021-04-13 , DOI: 10.1002/dac.4815 Awais Bin Asif 1 , Muhammad Imran 2 , Nadir Shah 1 , Mehtab Afzal 3 , Hasnat Khurshid 2
Affiliation
|
Software‐defined networking (SDN) is a new networking architecture that decouples both the control and management planes from the data plane of forwarding devices. Control and management planes are implemented at a logically centralized entity called the controller. Despite numerous advantages, SDN is more prone to logical errors like loops, black holes, network reachability problems, and access control list (ACL) policies violation. In the existing approaches, the network requirements are specified by different network administrators using the ACL policies. SDN allows multiple network administrators to specify the ACL policies simultaneously, which may lead to conflicts and overlaps among the ACL policies. In this research work, a novel technique, called auto‐resolving overlapping and conflicts in ACL policies (ROCA), is proposed to efficiently detect and solve both the conflicts and the overlaps among the ACL policies by using the techniques of set theory, 3D structure, and separating axis theorem. It is shown by simulation and testing on the real network traces that ROCA outperforms the existing approaches in terms of computation time avoiding conflicts and overlapping among the ACL policies.
中文翻译:
ROCA:自动解决软件定义网络的访问控制列表策略中的重叠和冲突
软件定义网络(SDN)是一种新的网络体系结构,该体系结构将控制和管理平面与转发设备的数据平面分离。控制和管理平面在称为控制器的逻辑集中式实体处实现。尽管有许多优点,但SDN更容易出现逻辑错误,例如循环,黑洞,网络可及性问题以及违反访问控制列表(ACL)策略的行为。在现有方法中,网络要求由不同的网络管理员使用ACL策略指定。SDN允许多个网络管理员同时指定ACL策略,这可能导致ACL策略之间发生冲突和重叠。在这项研究工作中,一种称为自动解决ACL策略(ROCA)中的重叠和冲突的新技术,提出使用集合论,3D结构和分离轴定理的技术来有效地检测和解决ACL策略之间的冲突和重叠。通过对真实网络轨迹的仿真和测试表明,ROCA在计算时间方面避免了ACL策略之间的冲突和重叠,其性能优于现有方法。
更新日期:2021-05-04
中文翻译:
ROCA:自动解决软件定义网络的访问控制列表策略中的重叠和冲突
软件定义网络(SDN)是一种新的网络体系结构,该体系结构将控制和管理平面与转发设备的数据平面分离。控制和管理平面在称为控制器的逻辑集中式实体处实现。尽管有许多优点,但SDN更容易出现逻辑错误,例如循环,黑洞,网络可及性问题以及违反访问控制列表(ACL)策略的行为。在现有方法中,网络要求由不同的网络管理员使用ACL策略指定。SDN允许多个网络管理员同时指定ACL策略,这可能导致ACL策略之间发生冲突和重叠。在这项研究工作中,一种称为自动解决ACL策略(ROCA)中的重叠和冲突的新技术,提出使用集合论,3D结构和分离轴定理的技术来有效地检测和解决ACL策略之间的冲突和重叠。通过对真实网络轨迹的仿真和测试表明,ROCA在计算时间方面避免了ACL策略之间的冲突和重叠,其性能优于现有方法。
京公网安备 11010802027423号