Blockchain-based Secure Coordination for Distributed SDN Control Plane
Proceedings of the 2021 IEEE Conference on Network Softwarization: Accelerating Network Softwarization in the Cognitive Age, NetSoft 2021
Software-defined wide-area network (SD-WAN) is an emerging and advanced networking platform extending software-defined networking (SDN) across multiple networking domains. Because SD-WAN manages the data plane in the networking domains separated by the public Internet, SDWAN provides a distinct environment and challenges from SDN, including greater risks for the security threats injecting control plane communications from attackers residing outside of the SDN domain. We design and build blockchain-coordinating controllers (BCC) to secure control communications of the SD-WAN controller network formed by the distributed controllers spread across multiple domains. BCC provides resiliency against the security threats in the control plane where an attacker compromises controller communications to manipulate the coordination and the operations of the other controllers. More specifically, BCC provides secure control communications even when up to n controllers' networking credentials are compromised. BCC is also designed for modularity so that it applies generally across the controller implementations. We prototype BCC using Ethereum and smart contract on CloudLab to validate its effectiveness and efficiency. We experiment on geographically separate nodes on CloudLab and show that BCC achieves the distributed consensus at sub-second level for certificate/key distribution and for network-wide control communication synchronization.
National Science Foundation
Blockchain, Control Communication, Distributed PKI, Ethereum, SD-WAN, SDN, Smart Contract
Wenjun Fan, Sang Yoon Chang, Shubham Kumar, Xiaobo Zhou, and Younghee Park. "Blockchain-based Secure Coordination for Distributed SDN Control Plane" Proceedings of the 2021 IEEE Conference on Network Softwarization: Accelerating Network Softwarization in the Cognitive Age, NetSoft 2021 (2021): 253-257. https://doi.org/10.1109/NetSoft51509.2021.9492615