31,954 research outputs found
A Lightweight, Non-intrusive Approach for Orchestrating Autonomously-managed Network Elements
Software-Defined Networking enables the centralized orchestration of data
traffic within a network. However, proposed solutions require a high degree of
architectural penetration. The present study targets the orchestration of
network elements that do not wish to yield much of their internal operations to
an external controller. Backpressure routing principles are used for deriving
flow routing rules that optimally stabilize a network, while maximizing its
throughput. The elements can then accept in full, partially or reject the
proposed routing rule-set. The proposed scheme requires minimal, relatively
infrequent interaction with a controller, limiting its imposed workload,
promoting scalability. The proposed scheme exhibits attracting network
performance gains, as demonstrated by extensive simulations and proven via
mathematical analysis.Comment: 6 pages 7, figures, IEEE ISCC'1
SDNsec: Forwarding Accountability for the SDN Data Plane
SDN promises to make networks more flexible, programmable, and easier to
manage. Inherent security problems in SDN today, however, pose a threat to the
promised benefits. First, the network operator lacks tools to proactively
ensure that policies will be followed or to reactively inspect the behavior of
the network. Second, the distributed nature of state updates at the data plane
leads to inconsistent network behavior during reconfigurations. Third, the
large flow space makes the data plane susceptible to state exhaustion attacks.
This paper presents SDNsec, an SDN security extension that provides
forwarding accountability for the SDN data plane. Forwarding rules are encoded
in the packet, ensuring consistent network behavior during reconfigurations and
limiting state exhaustion attacks due to table lookups. Symmetric-key
cryptography is used to protect the integrity of the forwarding rules and
enforce them at each switch. A complementary path validation mechanism allows
the controller to reactively examine the actual path taken by the packets.
Furthermore, we present mechanisms for secure link-failure recovery and
multicast/broadcast forwarding.Comment: 14 page
Next Generation Cloud Computing: New Trends and Research Directions
The landscape of cloud computing has significantly changed over the last
decade. Not only have more providers and service offerings crowded the space,
but also cloud infrastructure that was traditionally limited to single provider
data centers is now evolving. In this paper, we firstly discuss the changing
cloud infrastructure and consider the use of infrastructure from multiple
providers and the benefit of decentralising computing away from data centers.
These trends have resulted in the need for a variety of new computing
architectures that will be offered by future cloud infrastructure. These
architectures are anticipated to impact areas, such as connecting people and
devices, data-intensive computing, the service space and self-learning systems.
Finally, we lay out a roadmap of challenges that will need to be addressed for
realising the potential of next generation cloud systems.Comment: Accepted to Future Generation Computer Systems, 07 September 201
- …