Bring Your Own Controller: Enabling Tenant-defined SDN Apps in IaaS Clouds
Conference Paper
Overview
Research
Identity
Additional Document Info
Other
View All
Overview
abstract
2017 IEEE. The need of customized network functions for enterprises in Infrastructure-as-a-Service (IaaS) clouds is emerging. However, existing network functions in IaaS clouds are very limited, inflexible, and hard to control by the tenants. Recently, the introduction of Software-Defined Networking (SDN) technology brings the hope of flexible control of network flows and creation of diverse network functions. Unfortunately, enterprises lose access to the SDN controller when they move to clouds. Moreover, the cloud SDN controller is only managed by the provider administrators for security and performance reasons. To allow enterprise tenants to develop and deploy their own SDN apps in the cloud, in this paper, we introduce a new cloud usage paradigm: Bring Your Own Controller (BYOC). BYOC offers each tenant an individual SDN controller, where tenants can deploy SDN apps to manage their network. To manage these tenant SDN controllers, we propose BYOC-Visor, a new SDN-based virtualization platform. BYOC-VISOR addresses several security and performance challenges which are specific to IaaS clouds. We show that BYOC-Visor supports different controller platforms and diverse SDN security applications such as firewall, IDS, and access control. We implement a prototype system and the performance evaluation results show that our system has low overhead.
name of conference
IEEE INFOCOM 2017 - IEEE Conference on Computer Communications