An Application Service for Supporting Security Management In Software-Defined Networks

Abstract

Network softwarization is the new approach of transforming traditional telecommunication technology to software-defined networking (SDN) environment to facilitate dynamic and flexible connections. Network functions in software-defined networks have been decoupled into a control plane and a data plane. The control plane has become a new target of network attacks. This paper introduces an application service, also called portal service layer, for dynamically changing the association between an SDN switch and its designated SDN controller without changing the configuration of an SDN system. A portal service layer is deployed between the control plane and the data plane of an SDN system and functions as a communication mesh to forward the communications between the two planes in an SDN system. Portal service layer also consists of its own data plane and control plane. The control plane of the service mesh provides the data plane of the service mesh with up-to-date routing paths within the communication mesh. The data plane of the service mesh enforces the decision of association between an SDN switch and its current designated SDN controller based on the decision made by the control plane of the service mesh.