%0 Conference Proceedings
%T LPM: Layered Policy Management for Software-Defined Networks
%+ Arizona State University [Tempe] (ASU)
%+ Clemson University
%A Han, Wonkyu
%A Hu, Hongxin
%A Ahn, Gail-Joon
%< avec comité de lecture
%( Lecture Notes in Computer Science
%B 28th IFIP Annual Conference on Data and Applications Security and Privacy (DBSec)
%C Vienna, Austria
%Y David Hutchison
%Y Takeo Kanade
%Y Bernhard Steffen
%Y Demetri Terzopoulos
%Y Doug Tygar
%Y Gerhard Weikum
%Y Vijay Atluri
%Y Günther Pernul
%Y Josef Kittler
%Y Jon M. Kleinberg
%Y Alfred Kobsa
%Y Friedemann Mattern
%Y John C. Mitchell
%Y Moni Naor
%Y Oscar Nierstrasz
%Y C. Pandu Rangan
%I Springer
%3 Data and Applications Security and Privacy XXVIII
%V LNCS-8566
%P 356-363
%8 2014-07-14
%D 2014
%R 10.1007/978-3-662-43936-4_23
%K Policy Management
%K Software-Defined Networking
%K Security
%Z Computer Science [cs]Conference papers
%X Software-Defined Networking (SDN) as an emerging paradigm in networking divides the network architecture into three distinct layers such as application, control, and data layers. The multi-layered network architecture in SDN tremendously helps manage and control network traffic flows but each layer heavily relies on complex network policies. Managing and enforcing these network policies require dedicated cautions since combining multiple network modules in an SDN application not only becomes a non-trivial job, but also requires considerable efforts to identify dependencies within a module and between modules. In addition, multi-tenant SDN applications make network management tasks more difficult since there may exist unexpected interferences between traffic flows. In order to accommodate such complex network dynamics in SDN, we propose a novel policy management framework for SDN, called layered policy management (LPM). We also articulate challenges for each layer in terms of policy management and describe appropriate resolution strategies. In addition, we present a proof-of-concept implementation and demonstrate the feasibility of our approach with an SDN-based simulated network.
%G English
%Z TC 11
%Z WG 11.3
%2 https://inria.hal.science/hal-01284871/document
%2 https://inria.hal.science/hal-01284871/file/978-3-662-43936-4_23_Chapter.pdf
%L hal-01284871
%U https://inria.hal.science/hal-01284871
%~ IFIP-LNCS
%~ IFIP
%~ IFIP-TC
%~ IFIP-WG
%~ IFIP-TC11
%~ IFIP-LNCS-8566
%~ IFIP-WG11-3