DC Field | Value | Language |
---|---|---|
dc.contributor.advisor | Shin, Seungwon | - |
dc.contributor.advisor | 신승원 | - |
dc.contributor.author | Kang, Heedo | - |
dc.date.accessioned | 2021-05-11T19:43:22Z | - |
dc.date.available | 2021-05-11T19:43:22Z | - |
dc.date.issued | 2020 | - |
dc.identifier.uri | http://library.kaist.ac.kr/search/detail/view.do?bibCtrlNo=907071&flag=dissertation | en_US |
dc.identifier.uri | http://hdl.handle.net/10203/283560 | - |
dc.description | 학위논문(박사) - 한국과학기술원 : 정보보호대학원, 2020.2,[iv, 90 p. :] | - |
dc.description.abstract | This dissertation proposes an automation approach to improve the efficiency and security of the software-defined network (SDN) permission system. More specifically, existing SDN permission systems require human intervention in 1) permission reviewing process and 2) permission model generation and implementation process. In the permission reviewing process, a network operator should analyze the SDN application's source code and reads the application's description before installing it to an SDN controller to determine whether the declared permissions in the SDN application are appropriate. In the case of the permission model generation and implementation process, SDN security experts should analyze the assets retained on an SDN controller to design and implement a permission model for the SDN controller. However, such manual tasks are always error-prone and time-consuming, so they degrade security and cause inefficiency in using or building the SDN permission system. To address these problems, this dissertation proposes the novel approaches to automate the two processes (i.e., permission reviewing process, and permission model generation and implementation process) that require human intervention in the SDN permission system. To prove the feasibility of our approaches, we implement prototypes to automate each process and then evaluate them in the context of popular SDN controllers. Our evaluation clearly shows that our approaches enable us to build a more efficient and secure SDN permission system than prior ones. | - |
dc.language | eng | - |
dc.publisher | 한국과학기술원 | - |
dc.subject | software-defined networks▼asecurity▼apermission system▼aautomation▼aefficiency | - |
dc.subject | 소프트웨어 정의 네트워크▼a보안▼a권한 시스템▼a자동화▼a효율성 | - |
dc.title | Towards efficient and secure SDN permission system | - |
dc.title.alternative | 소프트웨어 정의 네트워크 권한 시스템의 효율성 및 보안성 개선 연구 | - |
dc.type | Thesis(Ph.D) | - |
dc.identifier.CNRN | 325007 | - |
dc.description.department | 한국과학기술원 :정보보호대학원, | - |
dc.contributor.alternativeauthor | 강희도 | - |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.