ABSTRACT
Software Defined Internet Exchange Points (SDXes) increase the flexibility of interdomain traffic delivery on the Internet. Yet an SDX inherently requires multiple participants to have access to a single, shared physical switch, which creates the need for an authorization mechanism to mediate this access. In this paper, we introduce a logic and mechanism called FLANC (A Formal Logic for Authorizing Network Control), which authorizes each participant to control forwarding actions on a shared switch and also allows participants to delegate forwarding actions to other participants at the switch (e.g., a trusted third party). FLANC extends the "says" and "speaks for" logics that were previously designed for operating system objects so that they can handle expressions involving network traffic flows. We describe FLANC, explain how participants can use it to express authorization policies for realistic interdomain routing settings, and demonstrate that it is efficient enough to run in operational settings.
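The following is an added illustration, not code from the paper or the iSDX project, of the "says" / "speaks for" idea applied to traffic flows: a participant that controls a flow at the switch may state that another principal speaks for it on a (sub)flow, and a request to install a forwarding action is accepted only if such a chain reaches an authorized root. It assumes flows are identified by destination prefix only and that participant and flow names are constructed for the example.

```python
# Added example (not the paper's code): a toy FLANC-style checker in which
# "A says B speaks for A on flow F" delegates A's authority over F to B.
from dataclasses import dataclass
from ipaddress import ip_network


@dataclass(frozen=True)
class Flow:
    """A traffic flow identified by destination prefix (assumed simplification)."""
    dst: str

    def covers(self, other: "Flow") -> bool:
        # F covers G when every packet matching G also matches F.
        return ip_network(other.dst).subnet_of(ip_network(self.dst))


class FlancChecker:
    def __init__(self):
        self.owners = []       # (participant, flow): participant controls flow at the switch
        self.delegations = []  # (delegator, delegatee, flow): "delegator says delegatee speaks for delegator on flow"
        self.rules = []        # forwarding rules accepted so far

    def own(self, participant, flow):
        self.owners.append((participant, flow))

    def delegate(self, delegator, delegatee, flow):
        # Recording a statement grants nothing by itself; it only counts if the
        # delegator is itself authorized for the flow when a request is checked.
        self.delegations.append((delegator, delegatee, flow))

    def authorized(self, principal, flow, seen=frozenset()):
        """True if a says/speaks-for chain from an owner of a covering flow reaches principal."""
        if any(p == principal and f.covers(flow) for p, f in self.owners):
            return True
        seen = seen | {principal}  # guard against delegation cycles
        return any(
            dee == principal and f.covers(flow) and d not in seen
            and self.authorized(d, flow, seen)
            for d, dee, f in self.delegations
        )

    def install(self, principal, flow, action):
        """Accept 'principal says action(flow)' only when principal is authorized for flow."""
        if not self.authorized(principal, flow):
            raise PermissionError(f"{principal} is not authorized for {flow.dst}")
        self.rules.append((flow.dst, action))
        return True
```

A delegation chain is only as strong as its root: a statement from a participant that never controlled the prefix yields no authority, and a delegatee cannot act outside the sub-flow it was handed.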
Index Terms
- Authorizing Network Control at Software Defined Internet Exchange Points