TY - JOUR
T1 - CACS
T2 - A Context-Aware and Anonymous Communication Framework for an Enterprise Network Using SDN
AU - Rauf, Bilal
AU - Abbas, Haider
AU - Sheri, Ahmad Muqeem
AU - Iqbal, Waseem
AU - Bangash, Yawar Abbas
AU - Daneshmand, Mahmoud
AU - Amjad, Muhammad Faisal
N1 - Publisher Copyright:
© 2014 IEEE.
PY - 2022/7/15
Y1 - 2022/7/15
N2 - The emergence of software-defined networking (SDN) has revolutionized the management of an enterprise network. The SDN-based design provides flexibility in network management, which spans over multiple applications, e.g., routing, switching, forwarding, and controlling. It reduces the reliance on vendor-specific devices and middlebox solutions, such as firewalls, intrusion detection systems (IDSs), intrusion prevention systems (IPSs), etc. Furthermore, due to the integration of different technologies, privacy is one of the core issues faced by the enterprise. Host anonymity is one of the techniques to safeguard against privacy attacks; however, the existing anonymization solutions provide better anonymity, but at the cost of higher latency and are most suited for Internet traffic. To tackle this issue in an enterprise network, we propose an SDN-based communication framework using enterprise integration patterns (EIPs) that offers anonymous communication in an enterprise environment. Host anonymity is achieved by replacing the real IP address with the spoofed IP address during the transmission of data packets inside the network. Unlike the traditional networks, SDN can modify the header fields of packets as they traverse in the network from the source to the destination. In addition to the host anonymity, this framework also provides context-aware communication by leveraging the SDN global visibility characteristic, where application services are discoverable on the network without disclosing the addresses of the application servers. Moreover, context-aware services enable network traffic to be routed based on the application-layer services rather than the network-layer information. In the end, evaluation of the proposed framework is carried out with respect to the performance of anonymous communication, computational complexity, and security of the complete proposed framework. 
In addition, we also highlighted that the proposed framework is more suitable for heterogeneous network environments such as Internet of Things-based solutions.
KW - Context aware
KW - enterprise integration patterns (EIPs)
KW - host anonymity
KW - reliability
KW - service registry
KW - software-defined networking (SDN)
UR - http://www.scopus.com/inward/record.url?scp=85120878214&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85120878214&partnerID=8YFLogxK
U2 - 10.1109/JIOT.2021.3132030
DO - 10.1109/JIOT.2021.3132030
M3 - Article
AN - SCOPUS:85120878214
VL - 9
SP - 11725
EP - 11736
JO - IEEE Internet of Things Journal
JF - IEEE Internet of Things Journal
IS - 14
ER -