SDNKeeper: Lightweight Resource Protection and Management System for SDN-Based Cloud

Xue Leng, Kaiyu Hou, Yan Chen, Kai Bu, Libin Song

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Scopus citations

Abstract

SDN-based cloud has the merit of allowing more flexibility in network management, however, the security of network accessing and the correctness of network configuration in SDN-based cloud have not been effectively addressed yet. In this paper, SDNKeeper, a generic and fine-grained policy enforcement system in SDN-based cloud is proposed, which can defend against unauthorized attacks and avoid network resource misconfiguration. With the usage of SDNKeeper, numerous flexible network management policies can be created by administrators, which give administrators the discretionary room on controlling the network resources. To be specific, SDNKeeper can reject any unauthorized network access request at Northbound Interface (NBI), which located between application plane and control plane. Moreover, compared with other traditional policy-based access control systems, SDNKeeper is totally application-transparent and lightweight, which is easy to implement, deploy and runtime configure. Based on the prototype implementation and evaluation, we conclude that SDNKeeper can perform access control accurately with negligible computation overhead whilst the throughput degradation is still within the acceptable range.

Original languageEnglish (US)
Title of host publication2018 IEEE/ACM 26th International Symposium on Quality of Service, IWQoS 2018
PublisherInstitute of Electrical and Electronics Engineers Inc.
ISBN (Electronic)9781538625422
DOIs
StatePublished - Jan 22 2019
Event26th IEEE/ACM International Symposium on Quality of Service, IWQoS 2018 - Banff, Canada
Duration: Jun 4 2018Jun 6 2018

Publication series

Name2018 IEEE/ACM 26th International Symposium on Quality of Service, IWQoS 2018

Conference

Conference26th IEEE/ACM International Symposium on Quality of Service, IWQoS 2018
CountryCanada
CityBanff
Period6/4/186/6/18

    Fingerprint

Keywords

  • Access Control
  • Network Management
  • SDN-based Cloud
  • Software Defined Networking
  • Unauthorized Attack

ASJC Scopus subject areas

  • Safety, Risk, Reliability and Quality
  • Management of Technology and Innovation
  • Computer Networks and Communications
  • Media Technology

Cite this

Leng, X., Hou, K., Chen, Y., Bu, K., & Song, L. (2019). SDNKeeper: Lightweight Resource Protection and Management System for SDN-Based Cloud. In 2018 IEEE/ACM 26th International Symposium on Quality of Service, IWQoS 2018 [8624135] (2018 IEEE/ACM 26th International Symposium on Quality of Service, IWQoS 2018). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/IWQoS.2018.8624135