Abstract

Cloud networks managed by SDN can have multi-tier policy and rule conflicts. The application plane can have conflicting user-defined policies, and the infrastructure layer can have OpenFlow rules that conflict with each other. There is no scalable and automated programming framework to detect and resolve multi-tier conflicts in SDN-based cloud networks. We present an object-oriented programming framework, SDN Security Operation Center (SDNSOC), which handles policy composition at the application plane and flow rule conflict detection and resolution at the control plane. We follow the design principles of the object-oriented paradigm, such as code reutilization, method abstraction, and aggregation, for the implementation of SDNSOC on a multi-tenant cloud network. The key benefits obtained using this approach are: (i) The network administrator is abstracted from the complex implementation details of SFC. The end-to-end policy composition of different network functions is handled by an object-oriented framework in an automated fashion. We achieve 37% lower latency in SFC composition compared to the nearest competitors, SICS and PGA. (ii) Policy conflict detection between the existing traffic rules and incoming traffic is handled by SDNSOC in a scalable manner. The solution scales well on a large cloud network, with 18% faster security policy conflict detection on a cloud network with 100k OpenFlow rules compared to similar works, Brew and Flowguard.

Original language: English (US)
Title of host publication: SDN-NFV 2019 - Proceedings of the ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, co-located with CODASPY 2019
Publisher: Association for Computing Machinery, Inc
Pages: 7-12
Number of pages: 6
ISBN (Print): 9781450361798
State: Published - Mar 19 2019
Event: 2019 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, SDN-NFV 2019, co-located with CODASPY 2019 - Richardson, United States
Duration: Mar 27 2019 → …

Publication series

Name: SDN-NFV 2019 - Proceedings of the ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, co-located with CODASPY 2019

Conference

Conference: 2019 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, SDN-NFV 2019, co-located with CODASPY 2019
Country/Territory: United States
City: Richardson
Period: 3/27/19 → …

Keywords

  • Policy Conflict Detection
  • Service Function Chaining (SFC)
  • Software Defined Networking (SDN)

ASJC Scopus subject areas

  • Information Systems
  • Software
  • Computer Science Applications
