Configuration and Governance of Dynamic Secure SDN

Software Defined Networks (SDN) is a networking paradigm that separates the control plane from the forwarding plane. There is little research on structuring the SDN data plane for security. The Robust Network and Segmentation Algorithm (RNS) is an algorithm based on Product Family Algebra (PFA) that...

Full description

Saved in:
Bibliographic Details
Published in:Procedia computer science 2021, Vol.184, p.131-139
Main Authors: Alabbad, Mohammed, Khedri, Ridha
Format: Article
Language:English
Subjects:
Dynamic SDN
Formal Methods for Network Segmentation
SDN Architecture
SDN Segmentation
Secure SDN
Citations: Items that this one cites
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Software Defined Networks (SDN) is a networking paradigm that separates the control plane from the forwarding plane. There is little research on structuring the SDN data plane for security. The Robust Network and Segmentation Algorithm (RNS) is an algorithm based on Product Family Algebra (PFA) that implements layered defence and segmentation strategies to segment resources towards designing secure networks. In this paper, we present an additional plane in charge of the configuration and governance of SDN data planes that we call Dynamic Configuration and Governance (DCG) plane. It is intended to give agility to dynamic networks. It implements the RNS algorithm in SDN environment. Moreover, we propose and suggest three architectures that use DCG plane. Then we assess the three architectures. The assessment results identify an architecture that is suitable for dynamic networks and another for networks that are more stable regarding changes to policy and network topology.
ISSN:1877-0509
1877-0509
DOI:10.1016/j.procs.2021.03.024