University of Oulu

Liyanage, M., Braeken, A., Jurcut, A. D., Ylianttila, M., & Gurtov, A. (2017). Secure communication channel architecture for Software Defined Mobile Networks. Computer Networks, 114, 32–50.

Secure communication channel architecture for Software Defined Mobile Networks

Saved in:
Author: Liyanage, Madhusanka1; Braeken, An2; Jurcut, Anca Delia3;
Organizations: 1Centre for Wireless Communications, University of Oulu, Finland
2INDI and ETRO Department, Vrije Universiteit Brussel, Belgium
3Department of Computer Science, University College Dublin, Ireland
4Department of Computer and Information Science, Linköping University, Sweden
5ITMO University, Russia
Format: article
Version: accepted version
Access: open
Online Access: PDF Full Text (PDF, 7 MB)
Persistent link:
Language: English
Published: Elsevier, 2017
Publish Date: 2019-02-26


A Software-Defined Mobile Network (SDMN) architecture is proposed to enhance the performance, flexibility, and scalability of today’s telecommunication networks. However, SDMN features such as centralized controlling, network programmability, and virtualization introduce new security challenges to telecommunication networks. In this article, we present security challenges related to SDMN communication channels (i.e., control and data channel) and propose a novel secure communication channel architecture based on Host Identity Protocol (HIP). IPsec tunneling and security gateways are widely utilized in present-day mobile networks to secure backhaul communication channels. However, the utilization of legacy IPsec mechanisms in SDMNs is challenging due to limitations such as distributed control, lack of visibility, and limited scalability. The proposed architecture also utilizes IPsec tunnels to secure the SDMN communication channels by eliminating these limitations. The proposed architecture is implemented in a testbed and we analyzed its security features. The performance penalty of security due to the proposed security mechanisms is measured on both control and data channels.

see all

Series: Computer networks. The international journal of computer and telecommunications networking
ISSN: 1389-1286
ISSN-E: 1872-7069
ISSN-L: 1389-1286
Volume: 114
Pages: 32 - 50
DOI: 10.1016/j.comnet.2017.01.007
Type of Publication: A1 Journal article – refereed
Field of Science: 213 Electronic, automation and communications engineering, electronics
Funding: This work has been performed in the framework of the SECUREConnect (Secure Connectivity of Future Cyber-Physical Systems) Project. This research is funded by Academy of Finland. Moreover, the authors would like to acknowledge that this work was supported in part by the COST Action IC1303 AAPELE project.
Copyright information: © 2017. This manuscript version is made available under the CC-BY-NC-ND 4.0 license http:/