Blockchain-based Secure Coordination for Distributed SDN Control Plane

Authors

Wenjun Fan, University of Colorado at Colorado Springs
Sang Yoon Chang, University of Colorado at Colorado Springs
Shubham Kumar, San Jose State University
Xiaobo Zhou, University of Colorado at Colorado Springs
Younghee Park, San Jose State UniversityFollow

Publication Date

6-28-2021

Document Type

Conference Proceeding

Publication Title

Proceedings of the 2021 IEEE Conference on Network Softwarization: Accelerating Network Softwarization in the Cognitive Age, NetSoft 2021

DOI

10.1109/NetSoft51509.2021.9492615

First Page

253

Last Page

257

Abstract

Software-defined wide-area network (SD-WAN) is an emerging and advanced networking platform extending software-defined networking (SDN) across multiple networking domains. Because SD-WAN manages the data plane in the networking domains separated by the public Internet, SDWAN provides a distinct environment and challenges from SDN, including greater risks for the security threats injecting control plane communications from attackers residing outside of the SDN domain. We design and build blockchain-coordinating controllers (BCC) to secure control communications of the SD-WAN controller network formed by the distributed controllers spread across multiple domains. BCC provides resiliency against the security threats in the control plane where an attacker compromises controller communications to manipulate the coordination and the operations of the other controllers. More specifically, BCC provides secure control communications even when up to n controllers' networking credentials are compromised. BCC is also designed for modularity so that it applies generally across the controller implementations. We prototype BCC using Ethereum and smart contract on CloudLab to validate its effectiveness and efficiency. We experiment on geographically separate nodes on CloudLab and show that BCC achieves the distributed consensus at sub-second level for certificate/key distribution and for network-wide control communication synchronization.

Funding Number

18-086

Funding Sponsor

National Science Foundation

Keywords

Blockchain, Control Communication, Distributed PKI, Ethereum, SD-WAN, SDN, Smart Contract

Department

Computer Engineering

Recommended Citation

Wenjun Fan, Sang Yoon Chang, Shubham Kumar, Xiaobo Zhou, and Younghee Park. "Blockchain-based Secure Coordination for Distributed SDN Control Plane" Proceedings of the 2021 IEEE Conference on Network Softwarization: Accelerating Network Softwarization in the Cognitive Age, NetSoft 2021 (2021): 253-257. https://doi.org/10.1109/NetSoft51509.2021.9492615