Designing and Evaluating a high-reliable and security-aware Identity and Access Management for Slicing Architectures

Rodrigo Moreira; Tereza C. M. B. Carvalho; Flávio de Oliveira Silva

doi:10.5753/wpeif.2023.722

Rodrigo Moreira UFV
Tereza C. M. B. Carvalho USP
Flávio de Oliveira Silva UFU

DOI: https://doi.org/10.5753/wpeif.2023.722

Resumo

Network slicing architectures are fundamental for providing connectivity to demanding users and applications in heterogeneous network infrastructures. Such architectures have evolved significantly in recent years, especially with improvements in security and reliability functions. However, the improvements in these architectures are functionally specific and are not considered throughout the entire architecture lifecycle, opening opportunities for secure, and reliable native architectures. Thus, this paper designs and evaluates an Identity and Access Management (IAM) mechanism while providing security and reliability for building blocks of slicing architectures. Our findings concern a comparative evaluation of the IAM mechanism and its behavior under stress loads, as well as an experimental assessment of a secure defense mechanism against Distributed Denial-of-Service (DDoS) attacks.

Referências

3GPP (2020). Security architecture; procedures for 5G System. Technical specification (ts). TS 33.501 V16.2.0 (2020-03).

Debbabi, F., Jmal, R., Chaari, L., Aguiar, R. L., Gnichi, R., and Taleb, S. (2022). Overview of AI-based Algorithms for Network Slicing Resource Management in B5G and 6G. In 2022 International Wireless Communications and Mobile Computing (IWCMC), pages 330–335.

Kiyemba Edris, E. K., Aiash, M., and Loo, J. K.-K. (2020). The case for federated identity management in 5G communications. In 2020 Fifth International Conference on Fog and Mobile Edge Computing (FMEC), pages 120–127.

Lashkari, A. H., Draper-Gil, G., Mamun, M. S. I., Ghorbani, A. A., et al. (2017). Characterization of tor traffic using time based features. In ICISSp, pages 253–262.

Moreira, R., Martins, J. S. B., Carvalho, T. C. M. B., and de Oliveira Silva, F. (2023). On enhancing network slicing Life-Cycle through an AI-native orchestration architecture. In The 37-th International Conference on Advanced Information Networking and Applications (AINA-2023) (AINA-2023), Federal University of Juiz de Fora, Brazil.

Moreira, R., Rosa, P. F., Aguiar, R. L. A., and de Oliveira Silva, F. (2021). NASOR: A network slicing approach for multiple Autonomous Systems. Computer Communications, 179:131–144.

Porambage, P., Miche, Y., Kalliola, A., Liyanage, M., and Ylianttila, M. (2019). Secure keying scheme for network slicing in 5G architecture. In 2019 IEEE Conference on Standards for Communications and Networking (CSCN), pages 1–6.

Sharafaldin, I., Lashkari, A. H., Hakak, S., and Ghorbani, A. A. (2019). Developing realistic distributed denial of service (ddos) attack dataset and taxonomy. In 2019 International Carnahan Conference on Security Technology (ICCST), pages 1–8.

Wijethilaka, S. and Liyanage, M. (2022). A novel network slicing based security-as-a-service (SECaaS) framework for private 5G networks. In 2022 IEEE Latin-American Conference on Communications (LATINCOM), pages 1–6.