2016-06-01
Programmable networks such as SDN allow administrators to program network infrastructure according to service demand and custom-defined policies. Network policies are interpreted by the centralized controller to define actions and rules to process the network traffic on devices that belong to a single domain. However, actual networks are multi-domain, where several domains are interconnected. Because SDN controllers in a domain can neither define nor monitor policies in other domains, network administrators cannot ensure that their own policies (origin policies) are being enforced by the domains not directly managed by them (i.e. foreign domains). We present AudiT, a multi-domain SDN policy verifier that identifies whether an origin policy is enforced by foreign domains. AudiT comprises (1) a model for network topology, policies, and flows, (2) an Audit protocol to gather information about the actions performed by network devices to carry the flows of interest, (3) a validation engine that takes that information and detects security policy violations, and (4) an extension to the OpenFlow protocol to enable external auditing. This paper presents our approach and illustrates its application using an example considering multiple SDN networks.
Article
Published version
peer-reviewed
English
Ordinadors, Xarxes d'; Computer networks; Xarxes definides per programari (Tecnologia de xarxes d'ordinadors); Software-defined networks (Computer network technology)
Agora University of Oradea (Romania)
info:eu-repo/semantics/altIdentifier/doi/10.15837/ijccc.2016.3.2560
info:eu-repo/semantics/altIdentifier/issn/1841-9836
info:eu-repo/semantics/altIdentifier/eissn/1841-9844
Attribution-NonCommercial 4.0 International
http://creativecommons.org/licenses/by-nc/4.0/