Towards an access control scheme for accessing flows in SDN

Felix Klaedtke, Ghassan O. Karame, Roberto Bifulco, Heng Cui

Research output: Chapter in Book/Report/Conference proceedingConference contribution

4 Citations (Scopus)

Abstract

Sharing network resources with user groups, divisions, or even other companies in software defined networking promises better network utilization. Resource sharing is effectively realized by empowering these tenants at the control plane with permissions for administrating network components. However, since the network resources at the data plane are shared and different tenants can have competing objectives, mechanisms are needed to protect the network resources from unauthorized access. In this paper, we propose mechanisms that focus on protecting the network flows, which are determined by the entries installed in the flow tables of the shared switches. To this end, we present an access control scheme, based on the OpenFlow model, for accessing the switches' flow tables and their entries. Our scheme accounts for various security requirements in multi-tenant networks, including requirements on sharing flow table entries for handling network flows, and the resolution of conflicts originating from the reconfiguration of network components.

Original languageEnglish
Title of host publication1st IEEE Conference on Network Softwarization
Subtitle of host publicationSoftware-Defined Infrastructures for Networks, Clouds, IoT and Services, NETSOFT 2015
PublisherInstitute of Electrical and Electronics Engineers Inc.
ISBN (Electronic)9781479978991
DOIs
Publication statusPublished - 1 Jun 2015
Event1st IEEE Conference on Network Softwarization, NETSOFT 2015 - London, United Kingdom
Duration: 13 Apr 201517 Apr 2015

Other

Other1st IEEE Conference on Network Softwarization, NETSOFT 2015
CountryUnited Kingdom
CityLondon
Period13/04/1517/04/15

Keywords

  • Access control
  • Network flows
  • OpenFlow
  • Reference monitor
  • Software defined networking

Fingerprint Dive into the research topics of 'Towards an access control scheme for accessing flows in SDN'. Together they form a unique fingerprint.

  • Cite this

    Klaedtke, F., Karame, G. O., Bifulco, R., & Cui, H. (2015). Towards an access control scheme for accessing flows in SDN. In 1st IEEE Conference on Network Softwarization: Software-Defined Infrastructures for Networks, Clouds, IoT and Services, NETSOFT 2015 [7116185] Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/NETSOFT.2015.7116185