Title :
Securing distributed SDN with IBC
Author :
Jun-Huy Lam ; Sang-Gon Lee ; Hoon-Jae Lee ; Oktian, Yustus Eko
Author_Institution :
Dept. of Ubiquitous IT, Dongseo Univ., Busan, South Korea
Abstract :
In distributed software-defined network (SDN), the east/west-bound protocol describes the communication between the SDN controllers. The security of the east/west-bound protocol ensures that no malicious controllers are eavesdropping on or even driving the network. Southbound protocol defines the communication between the control plane and the data plane. It is also the only SDN communication channel with an agreed protocol, OpenFlow. OpenFlow suggests securing the southbound communication with Transport Layer Security (TLS). However, most current SDN projects do not implement the security segment in both the east/west-bound and southbound communications. Only a few exceptions such as OpenDayLight and HP VAN SDN implement TLS in the southbound communication. In this paper, we propose securing the distributed SDN communication with a multi-domain capable Identity-Based Cryptography (IBC) protocol, particularly for the southbound and east/west-bound communication.
Keywords :
computer network security; cryptographic protocols; software defined networking; telecommunication channels; transport protocols; IBC protocol; OpenFlow; TLS; distributed SDN communication channel security; distributed software defined network; east-west-bound protocol; multidomain capable identity-based cryptography protocol; southbound protocol; transport layer security; Computers; Monitoring; Protocols; Security; Switches; Distributed SDN security; IBC; ID-based Cryptography; SDN security; Southbound security; TLS alternative; east/west-bound security;
Conference_Titel :
Ubiquitous and Future Networks (ICUFN), 2015 Seventh International Conference on
Conference_Location :
Sapporo
DOI :
10.1109/ICUFN.2015.7182680
