Towards a secure controller platform for OpenFlow applications

Xitao Wen, Yan Chen, Chengchen Hu, Chao Shi, Yi Wang

Research output: Chapter in Book/Report/Conference proceedingConference contribution

150 Scopus citations

Abstract

The OpenFlow (OF) paradigm embraces third-party development efforts, and therefore suffers from potential trust issue on OF applications (apps). The abuse of such trust could lead to various types of attacks impacting the entire network. In this paper, we propose PermOF, a fine-grained permission system, as the first line of defense, in order to apply minimum privilege on apps. We summarize a set of 18 permissions to be enforced at the API entry of the controller. To accommodate the isolation requirements, we propose a customized isolation mechanism, which achieves comprehensive resource isolation and access control.

Original languageEnglish (US)
Title of host publicationHotSDN 2013 - Proceedings of the 2013 ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking
Pages171-172
Number of pages2
DOIs
StatePublished - 2013
Event2013 2nd ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, HotSDN 2013 - Hong Kong, China
Duration: Aug 16 2013Aug 16 2013

Publication series

NameHotSDN 2013 - Proceedings of the 2013 ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking

Other

Other2013 2nd ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, HotSDN 2013
Country/TerritoryChina
CityHong Kong
Period8/16/138/16/13

Keywords

  • OpenFlow
  • Policy enforcement
  • Security

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Software

Fingerprint

Dive into the research topics of 'Towards a secure controller platform for OpenFlow applications'. Together they form a unique fingerprint.

Cite this