University of Surrey

Test tubes in the lab Research in the ATI Dance Research

Integrating IPsec within OpenFlow Architecture for Secure Group Communication

Heydari Fami Tafreshi, V, Ghazisaeedi, E, Cruickshank, Haitham and Sun, Zhili (2014) Integrating IPsec within OpenFlow Architecture for Secure Group Communication ZTE Communications, Vol. 1 (No. 2). pp. 41-49.

Text (licence)
Available under License : See the attached licence file.

Download (33kB) | Preview


Network security protocols such as IPsec have been used for many years to ensure robust end⁃to⁃end communication and are impor⁃ tant in the context of SDN. Despite the widespread installation of IPsec to date, per⁃packet protection offered by the protocol is not very compatible with OpenFlow and flow⁃like behavior. OpenFlow architecture cannot aggregate IPsec⁃ESP flows in transport mode or tunnel mode because layer⁃3 information is encrypted and therefore unreadable. In this paper, we propose using the Secu⁃ rity Parameter Index (SPI) of IPsec within the OpenFlow architecture to identify and direct IPsec flows. This enables IPsec to con⁃ form to the packet⁃based behavior of OpenFlow architecture. In addition, by distinguishing between IPsec flows, the architecture is particularly suited to secure group communication.

Item Type: Article
Subjects : Electronic Engineering
Divisions : Faculty of Engineering and Physical Sciences > Electronic Engineering
Authors :
Date : 25 June 2014
Identification Number : 10.3939/j.issn.1673-5188.2014.02.007
Copyright Disclaimer : © 2014 ZTE Corporation
Uncontrolled Keywords : IPsec; OpenFlow; Secure group communication; Group domain of interpretation (GDOI); Flow⁃based switching
Related URLs :
Depositing User : Symplectic Elements
Date Deposited : 07 Dec 2016 14:19
Last Modified : 31 Oct 2017 19:00

Actions (login required)

View Item View Item


Downloads per month over past year

Information about this web site

© The University of Surrey, Guildford, Surrey, GU2 7XH, United Kingdom.
+44 (0)1483 300800