Wyniki 1-1 spośród 1 dla zapytania: authorDesc:"Konrad Wrona"

IMPLEMENTATION OF CONTENT-BASED PROTECTION AND RELEASE IN SOFTWARE-DEFINED NETWORKS DOI:10.15199/59.2015.8-9.57


  Future civilian and military communications and information systems require a new method for more dynamic and fine-grained control of access to information. A Content-based Protection and Release (CPR) model has been proposed to address the challenges introduced by future military operations. In this paper we present how the CPR concept can be applied to software-defined networks (SDN) in order to provide integrated protection of information in transit. In particular, we provide an indepth discussion of a proof-of-concept implementation of CPR enforcement in SDNs. 1. INTRODUCTION An important current research and development topic in military and civilian communications and information systems (CIS) is the design of a new method for more dynamic and fine-grained control of access to information. Such a new approach must not only effectively support need-to-know and responsibility-toshare requirements in military operations, but also enable cross-layer enforcement of security policies. The enforced security policies should cover all three dimensions of security - confidentiality, integrity and availability. This is in strong contrast to the situation in a traditional military CIS environment, in which enforcement of security policies is focused mostly on confidentiality and access control mechanisms. One of the proposals made to address the above requirements is the Content-based Protection and Release (CPR) model [1] developed by the NATO Communications and Information Agency, specifically to address the challenges related to implementation of Federated Mission Networking (FMN) [2] and future NATO operations. At the same time Protected Core Networking [3] (PCN) has been proposed as a paradigm for the implementation of a flexible and secure communication infrastructure for a federated military environment. Software-defined networks (SDN) [4] are emerging as a popular approach to network operation and management in the c[...]

 Strona 1