EDISON: A Blockchain-based Secure and Auditable Orchestration Framework for Multi-domain Software Defined Networks

Abstract

The emerging networking standards such as 5G and 6G, coupled with technologies like Software Defined Networks (SDN) and Network Function Virtualization (NFV), are increasingly moving towards a multi-tenant and multi-vendor deployment model. Under these circumstances, the hardware vendors rent their networking and computation resources to multiple service providers and application developers. Such a deployment model lets various vendors collaboratively offer networking services to the tenants and the end-users at far greater efficiency and better affordability. However, the issues around trust, ownership, and data security become a concern for tenants and vendors in such multi-tenant and multi-vendor setting. In particular, the centralized nature of SDN controllers, together with the limitations of the contemporary authentication and access control mechanisms, make multi-stakeholder SDN deployments susceptible to several Sybil and trust-related exploits. We present EDISON, a blockchain-based authentication and access control framework, for multi-stakeholder SDN infrastructure that adheres to the Zero-trust security model. It allows the network vendors and third-party service providers to securely set up a service-level agreement while enabling the concerned stakeholders to audit the network operations through an end-to-end encrypted tamper-proof ledger. EDISON creates an ecosystem structured on smart contracts, wherein the network elements rented and used by the tenants interact with the services deployed in the form of contracts to enable decentralized and transparent orchestration.