Idioma:

Model checking invariant security properties in OpenFlow

Son, Sooel ; Seungwon Shin ; Yegneswaran, Vinod ; Porras, Phillip ; Guofei Gu

2013 IEEE International Conference on Communications (ICC), 2013, p.1974-1979

Texto completo disponível

Citações Citado por

Título:
Model checking invariant security properties in OpenFlow
Autor: Son, Sooel ; Seungwon Shin ; Yegneswaran, Vinod ; Porras, Phillip ; Guofei Gu
Assuntos: Educational institutions ; Model checking ; Ports (Computers) ; Security ; Switches
É parte de: 2013 IEEE International Conference on Communications (ICC), 2013, p.1974-1979
Descrição: The OpenFlow (OF) switching specification represents an innovative and open standard for enabling the dynamic programming of flow control policies in production networks. Unfortunately, thus far researchers have paid little attention to the development of methods for verifying that dynamic flow policies inserted within an OpenFlow network do not violate the network's underlying security policy. We introduce Flover, a model checking system which verifies that the aggregate of flow policies instantiated within an OpenFlow network does not violate the network's security policy. We have implemented Flover using the Yices SMT solver, which we then integrated into NOX, a popular OpenFlow network controller. Flover provides NOX a formal validation of the OpenFlow network's security posture.
Editor: IEEE
Idioma: Inglês

Voltar para lista de resultados