Programmable networks such as SDN allow administrators to program network infrastructure according to service demand and custom-defined policies. Network policies are interpreted by the centralized controller to define actions and rules to process the network traffic on devices that belong to a single domain. However, actual networks are multi-domain, with several interconnected domains. Because the SDN controllers in one domain can neither define nor monitor policies in other domains, network administrators cannot ensure that their own policies (origin policies) are being enforced by the domains they do not directly manage (i.e., foreign domains). We present AudiT, a multi-domain SDN policy verifier that identifies whether an origin policy is enforced by foreign domains. AudiT comprises (1) a model for network topology, policies, and flows, (2) an Audit protocol to gather information about the actions performed by network devices to carry the flows of interest, (3) a validation engine that takes that information and detects security policy violations, and (4) an extension to the OpenFlow protocol to enable external auditing. This paper presents our approach and illustrates its application using an example considering multiple SDN networks.
Maldonado-Lopez, F. A., Calle, E., & Donoso, Y. (2016). Checking multi-domain policies in SDN. International Journal of Computers, Communications and Control, 11(3), 428–440. https://doi.org/10.15837/ijccc.2016.3.2560