Journal
IEEE TRANSACTIONS ON CLOUD COMPUTING
Volume 2, Issue 4, Pages 436-447Publisher
IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC
DOI: 10.1109/TCC.2014.2355227
Keywords
Software-defined network; Byzantine attack; cloud computing; approximation algorithm
Ask authors/readers for more resources
Software-defined network (SDN) is the next generation of networking architecture that is dynamic, manageable, cost-effective, and adaptable, making it ideal for the high-bandwidth, dynamic nature of today's applications. In SDN, network management is facilitated through software rather than low-level device configurations. However, the centralized control plane introduced by SDN imposes a great challenge for the network security. In this paper, we present a secure SDN structure, in which each device is managed by multiple controllers, not just a single as in a traditional manner, with the dynamic and isolated instance provided by the cloud. It can resist Byzantine attacks on controllers and the communication links between controllers and SDN switches. Furthermore, we study a controller minimization problem with security requirement and propose a cost-efficient controller assignment algorithm with a constant approximation ratio. From the experiment result, the secure SDN structure has little impact on the network latency, provide better security than general distributed controller, and the proposed algorithm performs higher efficiency than random assignment.
Authors
I am an author on this paper
Click your name to claim this paper and add it to your profile.
Reviews
Recommended
No Data Available