4,640 research outputs found
AC-PROT: An Access Control Model to Improve Software-Defined Networking Security
© 2017 IEEE. The logically-centralized controllers have largely operated as the coordination points in software-defined networking(SDN), through which applications submit network operations to manage the global network resource. Therefore, the validity of these network operations from SDN applications are critical for the security of SDN. In this paper, we analyze the mechanism that generates network operations in SDN, and present a fine-grained access control model, called Access Control Protector(AC-PROT),that employs an attribute-based signature scheme for network applications. The simulation result demonstrates that AC-PROT can efficiently identify and reject unauthorized network operations generated by applications
Impact of SDN Controllers Deployment on Network Availability
Software-defined networking (SDN) promises to improve the programmability and
flexibility of networks, but it may bring also new challenges that need to be
explored. The purpose of this technical report is to assess how the deployment
of the SDN controllers affects the overall availability of SDN. For this, we
have varied the number, homing and location of SDN controllers. A two-level
modelling approach that is used to evaluate the availability of the studied
scenarios. Our results show how network operators can use the approach to find
the optimal cost implied by the connectivity of the SDN control platform by
keeping high levels of availability.Comment: Department of Telematics, NTNU, Tech. Rep., March 201
Design Concept for a Failover Mechanism in Distributed SDN Controllers
Software defined networking allows the separation of the control plane and data plane in networking. It provides scalability, programmability, and centralized control. It will use these traits to reach ubiquitous connectivity. Like all concepts software defined networking does not offer these advantages without a cost. By utilizing a centralized controller, a single point of failure is created. To address this issue, this paper proposes a distributed controller failover. This failover will provide a mechanism for recovery when controllers are not located in the same location. This failover mechanism is based on number of hops from orphan nodes to the controller in addition to the link connection. This mechanism was simulated in Long Term Evolution telecommunications architecture
- …