TY - GEN
T1 - LPM
T2 - 28th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy, DBSEC 2014
AU - Han, Wonkyu
AU - Hu, Hongxin
AU - Ahn, Gail-Joon
N1 - Funding Information:
This work was partially supported by the grant from Department of Energy (DE-SC0004308).
PY - 2014
Y1 - 2014
N2 - Software-Defined Networking (SDN) as an emerging paradigm in networking divides the network architecture into three distinct layers such as application, control, and data layers. The multi-layered network architecture in SDN tremendously helps manage and control network traffic flows but each layer heavily relies on complex network policies. Managing and enforcing these network policies require dedicated cautions since combining multiple network modules in an SDN application not only becomes a non-trivial job, but also requires considerable efforts to identify dependencies within a module and between modules. In addition, multi-tenant SDN applications make network management tasks more difficult since there may exist unexpected interferences between traffic flows. In order to accommodate such complex network dynamics in SDN, we propose a novel policy management framework for SDN, called layered policy management (LPM). We also articulate challenges for each layer in terms of policy management and describe appropriate resolution strategies. In addition, we present a proof-of-concept implementation and demonstrate the feasibility of our approach with an SDN-based simulated network.
AB - Software-Defined Networking (SDN) as an emerging paradigm in networking divides the network architecture into three distinct layers such as application, control, and data layers. The multi-layered network architecture in SDN tremendously helps manage and control network traffic flows but each layer heavily relies on complex network policies. Managing and enforcing these network policies require dedicated cautions since combining multiple network modules in an SDN application not only becomes a non-trivial job, but also requires considerable efforts to identify dependencies within a module and between modules. In addition, multi-tenant SDN applications make network management tasks more difficult since there may exist unexpected interferences between traffic flows. In order to accommodate such complex network dynamics in SDN, we propose a novel policy management framework for SDN, called layered policy management (LPM). We also articulate challenges for each layer in terms of policy management and describe appropriate resolution strategies. In addition, we present a proof-of-concept implementation and demonstrate the feasibility of our approach with an SDN-based simulated network.
KW - Policy Management
KW - Security
KW - Software-Defined Networking
UR - http://www.scopus.com/inward/record.url?scp=84958529476&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84958529476&partnerID=8YFLogxK
U2 - 10.1007/978-3-662-43936-4_23
DO - 10.1007/978-3-662-43936-4_23
M3 - Conference contribution
AN - SCOPUS:84958529476
SN - 9783662439357
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 356
EP - 363
BT - Data and Applications Security and Privacy XXVIII - 28th Annual IFIP WG 11.3 Working Conference, DBSec 2014, Proceedings
PB - Springer Verlag
Y2 - 14 July 2014 through 16 July 2014
ER -