EDISON: A Blockchain-based Secure and Auditable Orchestration Framework for Multi-domain Software Defined Networks

Balachandran, Chandrasekar, Puneet, A. C., , & Krishnamachari, Bhaskar (2020) EDISON: A Blockchain-based Secure and Auditable Orchestration Framework for Multi-domain Software Defined Networks. In Proceedings of the 2020 IEEE International Conference on Blockchain (Blockchain 2020). Institute of Electrical and Electronics Engineers Inc., United States of America, pp. 144-153.

Description

Emerging networking standards such as 5G and 6G, coupled with technologies like Software Defined Networks (SDN) and Network Function Virtualization (NFV), are increasingly moving towards a multi-tenant and multi-vendor deployment model. Under these circumstances, the hardware vendors rent their networking and computation resources to multiple service providers and application developers. Such a deployment model lets various vendors collaboratively offer networking services to the tenants and the end-users at far greater efficiency and better affordability. However, the issues around trust, ownership, and data security become a concern for tenants and vendors in such a multi-tenant and multi-vendor setting. In particular, the centralized nature of SDN controllers, together with the limitations of the contemporary authentication and access control mechanisms, makes multi-stakeholder SDN deployments susceptible to several Sybil and trust-related exploits. We present EDISON, a blockchain-based authentication and access control framework for multi-stakeholder SDN infrastructure that adheres to the Zero-trust security model. It allows the network vendors and third-party service providers to securely set up a service-level agreement while enabling the concerned stakeholders to audit the network operations through an end-to-end encrypted tamper-proof ledger. EDISON creates an ecosystem structured on smart contracts, wherein the network elements rented and used by the tenants interact with the services deployed in the form of contracts to enable decentralized and transparent orchestration.

Impact and interest:

5 citations in Scopus
3 citations in Web of Science®
ID Code: 209250
Item Type: Chapter in Book, Report or Conference volume (Conference contribution)
ORCID iD: Ramachandran, Gowri (orcid.org/0000-0001-5944-1335)
Additional Information: Funding Information: DHT Packet Store Contract: This contract logs and stores signed packet blocks constructed by the EPLA. This contract is accessed directly by the Secure logging DApp to service write requests of each network element's EPLA after establishing its session validity. The underlying data store may vary from an actual blockchain, to a peer-to-peer data store like a distributed hash table, to a simple distributed data store like Amazon S3 or even a central private data store. Funding Information: This work was supported by the USC Viterbi Center for Cyber-Physical Systems and the Internet of Things (CCI).
Measurements or Duration: 10 pages
Keywords: Authentication, Blockchain, Decentralized 5G, NFV, SD-WAN, SDN, Zero-trust
DOI: 10.1109/Blockchain50366.2020.00025
ISBN: 9780738104966
Pure ID: 76720117
Copyright Owner: © 2020 IEEE.
Copyright Statement: This work is covered by copyright. Unless the document is being made available under a Creative Commons Licence, you must assume that re-use is limited to personal use and that permission from the copyright owner must be obtained for all other uses. If the document is available under a Creative Commons License (or other specified license) then refer to the Licence for details of permitted re-use. It is a condition of access that users recognise and abide by the legal requirements associated with these rights. If you believe that this work infringes copyright please provide details by email to qut.copyright@qut.edu.au
Deposited On: 29 Mar 2021 00:14
Last Modified: 18 May 2024 10:31