http://dx.doi.org/10.5392/JKCA.2019.19.12.407

Improved Single Packet Authentication and Network Access Control Security Management in Software Defined Perimeter  

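Jung, Jin-kyo (Interdisciplinary Program of Information Security, Graduate School, Chonnam National University)
Lee, Sang-ku (AhnLab, Inc.)
Kim, Young-Min (Interdisciplinary Program of Information Security, Graduate School, Chonnam National University)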
Abstract
As the IT environment changes with cloud computing and smart work, the existing perimeter security model is showing its limitations, and Software Defined Perimeter (SDP) is being discussed as an alternative. However, SDP Spec 1.0 does not specify the device registration procedure, the policy distribution process, or the authentication key generation and sharing process. In this paper, we propose a method to solve the problem of SDP access control by improving the operation procedure of Single Packet Authentication (SPA). This paper suggests that the proposed method can implement a consistent and automated integrated access control policy compared to the existing access control methods.
Keywords
Zero-Trust; SDP; SPA; Access Control; Access Policy Management;