Analysis of Policy-Based Security Management System in Software-Defined Networks

Publication Type:
Journal Article
IEEE Communications Letters, 2019, 23 (4), pp. 612 - 615
Issue Date:
Full metadata record
© 1997-2012 IEEE. In software-defined networks, policy-based security management or architecture (PbSA) is an ideal way to dynamically control the network. We observe that on the one hand, this enables security capabilities intelligently and enhance fine-grained control over end user behavior. But, on the other hand, dynamic variations in network, rapid increases in security attacks, geographical distribution of nodes, complex heterogeneous networks, and so on have serious effects on the performance of PbSAs. These affect the flow specific quality of service requirements with further degradation of the performance of the security context. Hence, in this letter, PbSA's performance is evaluated. The key factors including a number of rules, rule-table size, position of rules, flow arrival rate, and CPU utilization are examined, and found to have considerable impact on the performance of PbSAs.
Please use this identifier to cite or link to this item: