LPM: Layered policy management for software-defined networks

Wonkyu Han, Hongxin Hu, Gail-Joon Ahn

Research output: Chapter in Book/Report/Conference proceedingConference contribution

9 Scopus citations


Software-Defined Networking (SDN) as an emerging paradigm in networking divides the network architecture into three distinct layers such as application, control, and data layers. The multi-layered network architecture in SDN tremendously helps manage and control network traffic flows but each layer heavily relies on complex network policies. Managing and enforcing these network policies require dedicated cautions since combining multiple network modules in an SDN application not only becomes a non-trivial job, but also requires considerable efforts to identify dependencies within a module and between modules. In addition, multi-tenant SDN applications make network management tasks more difficult since there may exist unexpected interferences between traffic flows. In order to accommodate such complex network dynamics in SDN, we propose a novel policy management framework for SDN, called layered policy management (LPM). We also articulate challenges for each layer in terms of policy management and describe appropriate resolution strategies. In addition, we present a proof-of-concept implementation and demonstrate the feasibility of our approach with an SDN-based simulated network.

Original languageEnglish (US)
Title of host publicationData and Applications Security and Privacy XXVIII - 28th Annual IFIP WG 11.3 Working Conference, DBSec 2014, Proceedings
PublisherSpringer Verlag
Number of pages8
ISBN (Print)9783662439357
StatePublished - 2014
Event28th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy, DBSEC 2014 - Vienna, Austria
Duration: Jul 14 2014Jul 16 2014

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume8566 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Other28th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy, DBSEC 2014


  • Policy Management
  • Security
  • Software-Defined Networking

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)


Dive into the research topics of 'LPM: Layered policy management for software-defined networks'. Together they form a unique fingerprint.

Cite this