Secure communication channel architecture for Software Defined Mobile Networks
2017 (English)In: Computer Networks, ISSN 1389-1286, E-ISSN 1872-7069, Vol. 114, 32-50 p.Article in journal (Refereed) Published
A Software-Defined Mobile Network (SDMN) architecture is proposed to enhance the performance, flexibility, and scalability of todays telecommunication networks. However, SDMN features such as centralized controlling, network programmability, and virtualization introduce new security challenges to telecommunication networks. In this article, we present security challenges related to SDMN communication channels (i.e., control and data channel) and propose a novel secure communication channel architecture based on Host Identity Protocol (HIP). IPsec tunneling and security gateways are widely utilized in present-day mobile networks to secure backhaul communication channels. However, the utilization of legacy IPsec mechanisms in SDMNs is challenging due to limitations such as distributed control, lack of visibility, and limited scalability. The proposed architecture also utilizes IPsec tunnels to secure the SDMN communication channels by eliminating these limitations. The proposed architecture is implemented in a testbed and we analyzed its security features. The performance penalty of security due to the proposed security mechanisms is measured on both control and data channels. (C) 2017 Elsevier B.V. All rights reserved.
Place, publisher, year, edition, pages
ELSEVIER SCIENCE BV , 2017. Vol. 114, 32-50 p.
SDN; NFV; 5G; Telecommunication; Security; Mobile networks; IPsec; HIP; OpenFlow
IdentifiersURN: urn:nbn:se:liu:diva-136307DOI: 10.1016/j.comnet.2017.01.007ISI: 000395214000004OAI: oai:DiVA.org:liu-136307DiVA: diva2:1087966
Funding Agencies|Academy of Finland; COST Action AAPELE project [IC1303]2017-04-102017-04-102017-04-10