{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,25]],"date-time":"2025-03-25T19:19:34Z","timestamp":1742930374950,"version":"3.40.3"},"publisher-location":"Cham","reference-count":25,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319646527"},{"type":"electronic","value":"9783319646534"}],"license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017]]},"DOI":"10.1007\/978-3-319-64653-4_6","type":"book-chapter","created":{"date-parts":[[2017,11,11]],"date-time":"2017-11-11T05:33:39Z","timestamp":1510378419000},"page":"149-169","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["A Security Policy Transition Framework for Software-Defined Networks"],"prefix":"10.1007","author":[{"suffix":"Jr.","given":"Jacob H.","family":"Cox","sequence":"first","affiliation":[]},{"given":"Russell J.","family":"Clark","sequence":"additional","affiliation":[]},{"suffix":"III","given":"Henry L.","family":"Owen","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2017,11,12]]},"reference":[{"key":"6_CR1","unstructured":"McKeown N (2009) Software-defined networking. INFOCOM Keynote Talk 17(2):30\u201332"},{"key":"6_CR2","doi-asserted-by":"crossref","unstructured":"McKeown N, Anderson T, Balakrishnan H, Parulkar G, Peterson L, Rexford J, Turner J (2008) OpenFlow: enabling innovation in campus networks. ACM SIGCOMM Comput Commun Rev 38(2):69\u201374","DOI":"10.1145\/1355734.1355746"},{"key":"6_CR3","unstructured":"Reich J, Monsanto C, Foster N, Rexford J, Walker D (2013) Modular SDN programming with pyretic. Technical report of USENIX"},{"key":"6_CR4","unstructured":"Cox JH Jr, Donovan S, Clark R, Owen H (2016) Ryuretic: a modular framework for RYU. In: IEEE MILCOM2016"},{"key":"6_CR5","doi-asserted-by":"crossref","unstructured":"Kim H, Benson T, Akella A, Feamster N (2011) The evolution of network configuration: a tale of two campuses. In: Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement conference, Nov 2011. ACM, pp 499\u2013514","DOI":"10.1145\/2068816.2068863"},{"key":"6_CR6","unstructured":"Kim H, Reich J, Gupta A, Shahbaz M, Feamster N, Clark R (2015) Kinetic: verifiable dynamic network control. In: 12th USENIX symposium on networked systems design and implementation (NSDI 15), pp 59\u201372"},{"key":"6_CR7","doi-asserted-by":"crossref","unstructured":"Tsagkaris et al (2015) Customizable autonomic network management: integrating autonomic network management and software-defined networking. IEEE Veh Technol Mag 10(1):61\u201368","DOI":"10.1109\/MVT.2014.2380633"},{"key":"6_CR8","doi-asserted-by":"crossref","unstructured":"Cox JH Jr, Clark RJ, Owen HL (2016) Security transition framework for software defined networks. In: Proceedings of the 2016 IEEE the first international workshop on security in NFV-SDN (SNS2016), Nov 2016. IEEE","DOI":"10.1109\/NFV-SDN.2016.7919476"},{"key":"6_CR9","unstructured":"Cisco, Network management system: best practices white paper. \n                    http:\/\/www.cisco.com\/c\/en\/us\/support\/docs\/availability\/high-availability\/15114-NMS-bestpractice.html"},{"key":"6_CR10","doi-asserted-by":"crossref","unstructured":"Congdon P, Aboba B, Smith A, Zorn G, Roese J (2003) IEEE 802.1 X remote authentication dial in user service (RADIUS) usage guidelines (No. RFC 3580)","DOI":"10.17487\/rfc3580"},{"key":"6_CR11","unstructured":"ForeScout. \n                    https:\/\/www.forescout.com\/solutions\/use-cases\/network-access-control\/"},{"key":"6_CR12","unstructured":"Cisco NAC. \n                    http:\/\/www.cisco.com\/c\/en\/us\/products\/collateral\/security\/nac-appliance-clean-access\/product_data_sheet0900aecd802da1b5.html"},{"key":"6_CR13","unstructured":"Wilkins S (2015) A guide to network access control (NAC) solutions, May 2015. \n                    http:\/\/www.tomsitpro.com\/articles\/network-access-control-solutions,2-916-2.html"},{"key":"6_CR14","unstructured":"Skip Al, A bridge too far: defeating wired 802.1X with a transparent bridge using Linux. \n                    https:\/\/www.defcon.org\/images\/defcon-19\/dc-19-presentations\/Duckwall\/DEFCON-19-Duckwall-Bridge-Too-Far.pdf"},{"key":"6_CR15","doi-asserted-by":"crossref","unstructured":"Bari MF, Chowdhury SR, Ahmed R, Boutaba R (2013) PolicyCop: an autonomic QoS policy enforcement framework for software defined networks. In: 2013 IEEE SDN for future networks and services (SDN4FNS), Nov 2013. IEEE, pp 1\u20137","DOI":"10.1109\/SDN4FNS.2013.6702548"},{"key":"6_CR16","doi-asserted-by":"crossref","unstructured":"Casado M, Freedman MJ, Pettit J, Luo J, McKeown N, Shenker S (2007) Ethane: taking control of the enterprise. In: ACM SIGCOMM computer communication review, vol 37, no 4, Aug 2017. ACM, pp 1\u201312","DOI":"10.1145\/1282380.1282382"},{"key":"6_CR17","doi-asserted-by":"crossref","unstructured":"Matias J, Garay J, Mendiola A, Toledo N, Jacob E (2014) FlowNAC: flow-based network access control. In: 2014 third European workshop on software defined networks, Sep 2014. IEEE, pp 79\u201384","DOI":"10.1109\/EWSDN.2014.39"},{"key":"6_CR18","unstructured":"POX. \n                    http:\/\/www.noxrepo.org\/pox\/about-pox\/"},{"key":"6_CR19","unstructured":"Ryu. \n                    http:\/\/osrg.github.io\/ryu\/"},{"key":"6_CR20","unstructured":"Lighttpd. \n                    https:\/\/www.lighttpd.net\/"},{"key":"6_CR21","doi-asserted-by":"crossref","unstructured":"Lantz B, Heller B, McKeown N (2010) A network in a laptop: rapid prototyping for software-defined networks. In: Proceedings of the 9th ACM SIGCOMM workshop on hot topics in networks, Oct 2010. ACM, p 19","DOI":"10.1145\/1868447.1868466"},{"key":"6_CR22","unstructured":"Cox JH Jr, Ryuretic security policy transition project. \n                    https:\/\/github.com\/Ryuretic\/SecRev"},{"key":"6_CR23","unstructured":"Phaal P (2003) Detecting NAT devices using sFlow. \n                    http:\/\/www.sflow.org\/detectNAT"},{"key":"6_CR24","unstructured":"Cox JH Jr, Ryuretic rogue access point detection. \n                    https:\/\/github.com\/Ryuretic\/RAP"},{"key":"6_CR25","unstructured":"Trusted Computing Group. \n                    https:\/\/trustedcomputinggroup.org\/work-groups\/trusted-network-communications\/"}],"container-title":["Computer Communications and Networks","Guide to Security in SDN and NFV"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-64653-4_6","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,1,30]],"date-time":"2020-01-30T11:01:01Z","timestamp":1580382061000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-64653-4_6"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"ISBN":["9783319646527","9783319646534"],"references-count":25,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-64653-4_6","relation":{},"ISSN":["1617-7975","2197-8433"],"issn-type":[{"type":"print","value":"1617-7975"},{"type":"electronic","value":"2197-8433"}],"subject":[],"published":{"date-parts":[[2017]]},"assertion":[{"value":"12 November 2017","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}