Publication Details

High Level Policies in SDN

POLČÁK, L.; CALDAROLA, L.; CUDA, D.; DONDERO, M.; FICARA, D.; FRANKOVÁ, B.; HOLKOVIČ, M.; CHOUKIR, A.; MUCCIFORA, R.; TRIFILO, A. High Level Policies in SDN. In Communications in Computer and Information Science. Communications in Computer and Information Science. Berlin: Springer International Publishing, 2016. p. 39-57. ISBN: 978-3-319-30221-8. ISSN: 1865-0929.
Czech title
Vysokoúrovňové politiky v SDN
Type
conference paper
Language
English
Authors
Polčák Libor, Ing., Ph.D. (DIFS)
Caldarola Leo (FIT)
Cuda Davide (FIT)
Dondero Marco (FIT)
Ficara Domenico (FIT)
Franková Barbora, Ing.
Holkovič Martin, Ing., Ph.D.
Choukir Amine (FIT)
Muccifora Roberto (FIT)
Trifilo Antonio (FIT)
URL
Keywords

Application-aware network; Data planes; High level policies; IP addresss; Network traffic; Packet routes; Port numbers; Security threats

Abstract

Policies for network traffic handling define packet routes through networks, enforce required quality of service, and protect networks from security threats. When expressing a policy, one needs to characterise the traffic to which the policy applies by traffic identifiers. Low level traffic identifiers, such as IP addresses and port numbers, are available in each packet. Indeed, low level traffic identifiers are perfect for data plane routing and switching. However, high level traffic identifiers, such as user name and application name, are better for the readability and clarity of a policy. In this paper, we extend software defined networks with high level traffic identifiers. We propose to add additional interface to SDN controllers for collecting traffic meta data and high level traffic identifiers. The controller maintains a database that maps high level traffic identifiers to a set of flows defined by low level traffic identifiers. SDN applications can apply policies based on both high level and low level traffic identifiers. We leave the southbound protocols intact. This paper provides two examples of High Level SDN paradigms - Application-Aware Networks and Identity-Aware Networks. The first paradigm enables policies depending on application names and characteristics. The latter allows policies based on user names and their roles.

Published
2016
Pages
39–57
Journal
Communications in Computer and Information Science, vol. 585, no. 1, ISSN 1865-0929
Proceedings
Communications in Computer and Information Science
ISBN
978-3-319-30221-8
Publisher
Springer International Publishing
Place
Berlin
DOI
UT WoS
000378740100002
EID Scopus
BibTeX
@inproceedings{BUT130913,
  author="Libor {Polčák} and Leo {Caldarola} and Davide {Cuda} and Marco {Dondero} and Domenico {Ficara} and Barbora {Franková} and Martin {Holkovič} and Amine {Choukir} and Roberto {Muccifora} and Antonio {Trifilo}",
  title="High Level Policies in SDN",
  booktitle="Communications in Computer and Information Science",
  year="2016",
  journal="Communications in Computer and Information Science",
  volume="585",
  number="1",
  pages="39--57",
  publisher="Springer International Publishing",
  address="Berlin",
  doi="10.1007/978-3-319-30222-5\{_}2",
  isbn="978-3-319-30221-8",
  issn="1865-0929",
  url="http://link.springer.com/chapter/10.1007%2F978-3-319-30222-5_2"
}
Back to top