Secure Software-Defined Networking Based on Blockchain

06/11/2019
by Weng Jiasi, et al.

Software-Defined Networking (SDN) separates the network control plane from the data plane. This provides a network-wide view with centralized control (in the control plane) and a programmable network configuration for the data plane, injected by SDN applications (in the application plane). With these features, a number of drawbacks of traditional network architectures, such as static configuration, non-scalability and low efficiency, can be effectively avoided. However, SDN also brings with it some new security challenges, such as single-point failure of the control plane, malicious flows from applications, exposed network-wide resources and a vulnerable channel between the control plane and the data plane. In this paper, we design a monolithic security mechanism for SDN based on Blockchain. Our mechanism decentralizes the control plane to overcome single-point failure while maintaining a network-wide view. The mechanism also guarantees the authenticity, traceability, and accountability of application flows, and hence secures the programmable configuration. Moreover, the mechanism provides fine-grained access control of network-wide resources and a secure controller-switch channel to further protect resources and communication in SDN.


