Ola Salman

SDN controllers: A comparative study

The control plane is an essential part of the SDN architecture, so it is very important to give proper attention to any proposal or design of an SDN controller. During the past few years, several controllers have been developed and several studies have been done to evaluate, compare and test the performance of these controllers. In this paper, new controllers are tested, such as ONOS and Libfluid-based controllers (raw, base), using Cbench, an OpenFlow testing tool. Even though the results show that MUL, Beacon, and Maestro (in latency mode) are the best performing controllers; however, the selection of the best-fitted controller should be based on several criteria, per user requirements.

Identity-based authentication scheme for the Internet of Things

Security and privacy are among the most pressing concerns that have evolved with the Internet. As networks expanded and became more open, security practices shifted to ensure protection of the ever growing Internet, its users, and data. Today, the Internet of Things (IoT) is emerging as a new type of network that connects everything to everyone, everywhere. Consequently, the margin of tolerance for security and privacy becomes narrower because a breach may lead to large-scale irreversible damage. One feature that helps alleviate the security concerns is authentication. While different authentication schemes are used in vertical network silos, a common identity and authentication scheme is needed to address the heterogeneity in IoT and to integrate the different protocols present in IoT. We propose in this paper an identity-based authentication scheme for heterogeneous IoT. The correctness of the proposed scheme is tested with the AVISPA tool and results showed that our scheme is immune to masquerade, man-in-the-middle, and replay attacks.

An architecture for the Internet of Things with decentralized data and centralized control

Internet of Things (IoT) is considered to be the Internet of the future. Thus, a lot of effort is being invested in finding the best design for a global IoT architecture. Recently, Software-Defined Networking (SDN) surfaced as a new networking paradigm that aims to centralize the network control and to separate the control and the data planes. Thus, one can benefit from SDN to abstract the major management complexities residing in this ubiquitous network of networks. Therefore, dealing with the huge amount of generated data in such network will be a major challenge; so, adopting advanced data technologies (cloud and fog computing) will be essential for the new architecture. In this paper, we review work done concerning the application of SDN to the IoT. Also, we propose and analyze a new SDN-based IoT architecture characterized by the centralization of the network control and the decentralization of the data management.

IoT survey: An SDN and fog computing perspective

Abstract Recently, there has been an increasing interest in the Internet of Things (IoT). While some analysts disvalue the IoT hype, several technology leaders, governments, and researchers are putting serious efforts to develop solutions enabling wide IoT deployment. Thus, the huge amount of generated data, the high network scale, the security and privacy concerns, the new requirements in terms of QoS, and the heterogeneity in this ubiquitous network of networks make its implementation a very challenging task. SDN, a new networking paradigm, has revealed its usefulness in reducing the management complexities in todays networks. Additionally, SDN, having a global view of the network, has presented effective security solutions. On the other hand, fog computing, a new data service platform, consists of pushing the data to the network edge reducing the cost (in terms of bandwidth consumption and high latency) of “big data” transportation through the core network. In this paper, we critically review the SDN and fog computing-based solutions to overcome the IoT main challenges, highlighting their advantages, and exposing their weaknesses. Thus, we make recommendations at the end of this paper for the upcoming research work.

Multi-level security for the 5G/IoT ubiquitous network

5G, the fifth generation of mobile communication networks, is considered as one of the main IoT enablers. Connecting billions of things, 5G/IoT will be dealing with trillions of GBytes of data. Securing such large amounts of data is a very challenging task. Collected data varies from simple temperature measurements to more critical transaction data. Thus, applying uniform security measures is a waste of resources (processing, memory, and network bandwidth). Alternatively, a multi-level security model needs to be applied according to the varying requirements. In this paper, we present a multi-level security scheme (BLP) applied originally in the information security domain. We review its application in the network domain, and propose a modified version of BLP for the 5G/IoT case. The proposed model is proven to be secure and compliant with the model rules.

Software Defined IoT security framework

The requirements of the fifth generation of mobile communications technology (5G) present many challenges. Among others, it aims at improved support of device-to-device communication, lower cost, lower latency than 4G and lower battery consumption, for better implementation of the Internet of things (IoT). However, the connectivity of IoT devices gives rise to additional security and privacy concerns. Given the associated data proliferation and the integration of third-party applications, the access control management becomes an exceedingly complex task. Thus, a security model is needed. Few years ago, the “softwarization” invasion along with the network “virtualization” have led to a new network control paradigm and paved the way towards a global network operating system. In this paper, we discuss the IoT requirements in terms of security and privacy. Additionally, we propose an IoT software defined security framework.