Physical terminals provide network services to upper-layer applications, but their limited memory and processing power make it challenging to perform security updates and patches, leaving them vulnerable to known security threats. Attackers can exploit these weaknesses to control the terminals and attack the network. To restrict unauthorized access to the network and its resources, appropriate access control mechanisms are necessary. In this paper, we propose a fine-grained access control method based on smart contracts (FACSC) for terminals in software-defined networking (SDN). FACSC utilizes the attribute-based access control (ABAC) model to achieve fine-grained control over terminal access networks. To ensure the security and reliability of access control policies and terminal-related attribute information, we utilize smart contract technology to implement the ABAC model. Furthermore, we leverage the programming protocol-independent packet processor (P4) to filter and forward packets in the data plane based on the packet option field, enabling rapid terminal access. Experimental results show that our proposed method achieves fine-grained secure authentication of terminals in SDN networks with a low authentication processing overhead.
Loading....