Skip to main content

Advertisement

SpringerLink
Log in

Preserving Privacy of Software-Defined Networking Policies by Secure Multi-Party Computation

  • Regular Paper
  • Published:
Journal of Computer Science and Technology Aims and scope Submit manuscript

Abstract

In software-defined networking (SDN), controllers are sinks of information such as network topology collected from switches. Organizations often like to protect their internal network topology and keep their network policies private. We borrow techniques from secure multi-party computation (SMC) to preserve the privacy of policies of SDN controllers about status of routers. On the other hand, the number of controllers is one of the most important concerns in scalability of SMC application in SDNs. To address this issue, we formulate an optimization problem to minimize the number of SDN controllers while considering their reliability in SMC operations. We use Non-Dominated Sorting Genetic Algorithm II (NSGA-II) to determine the optimal number of controllers, and simulate SMC for typical SDNs with this number of controllers. Simulation results show that applying the SMC technique to preserve the privacy of organization policies causes only a little delay in SDNs, which is completely justifiable by the privacy obtained.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Nadeau T D, Gray K. SDN: Software Defined Networks: An Authoritative Review of Network Programmability Technologies (1st edition). O’Reilly Media, 2013.

  2. Feldmann A, Heyder P, Kreutzer M et al. NetCo: Reliable routing with unreliable routers. In Proc. the 46th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshop, June 2016, pp.128-135.

  3. McKeown N, Anderson T, Balakrishnan H et al. OpenFlow: Enabling innovation in campus networks. ACM SIGCOMM Computer Communication Review, 2008, 38(2): 69-74.

    Article  Google Scholar 

  4. Sezer S, Scott-Hayward S, Chouhan P K et al. Are we ready for SDN? Implementation challenges for software-defined networks. IEEE Communications Magazine, 2013, 51(7): 36-43.

    Article  Google Scholar 

  5. Cramer R, Damgård I, Nielsen J B. Secure Multiparty Computation and Secret Sharing (1st edition). Cambridge University Press, 2013.

  6. Yao A C. Protocols for secure computations. In Proc. the 23rd Annual Symposium on Foundations of Computer Science, November 1982, pp.160-164.

  7. Goldreich O, Micali S, Wigderson A. How to play any mental game or a completeness theorem for protocols with honest majority. In Proc. the 19th Annual ACM Symposium on Theory of Computing, January 1987, pp.218-229.

  8. Aven T, Jensen U. Stochastic Models in Reliability (2nd edition). Springer, 2013.

  9. Deb K, Pratap A, Agarwal S, Meyarivan T. A fast and elitist multiobjective genetic algorithm: NSGA-II. IEEE Transactions on Evolutionary Computation, 2002, 6(2): 182-197.

    Article  Google Scholar 

  10. Rekhter Y, Li T. A border gateway protocol 4 (BGP-4). https://www.rfc-editor.org/rfc/pdfrfc/rfc1771.txt.pdf, May 2020.

  11. Zhao M, Zhou W, Gurney A J, Haeberlen A, Sherr M, Loo B T. Private and verifiable interdomain routing decisions. IEEE/ACM Transactions on Networking, 2016, 24(2): 1011-1024.

    Article  Google Scholar 

  12. Gupta D, Segal A, Panda A et al. A new approach to interdomain routing based on secure multi-party computation. In Proc. the 11th ACM Workshop on Hot Topics in Networks, October 2012, pp.37-42.

  13. Asharov G, Demmler D, Schapira M, Schneider T, Segev G, Shenker S, Zohner M. Privacy-preserving interdomain routing at Internet scale. Proceedings on Privacy Enhancing Technologies, 2017, 2017(3): 147-167.

    Article  Google Scholar 

  14. Dethise A, Chiesa M, Canini M. Prelude: Ensuring interdomain loop-freedom in SDN-enabled networks. In Proc. the 2nd Asia-Pacific Workshop on Networking, August 2018, pp.50-56.

  15. Kukkala V B, Saini J S, Iyengar S. Secure multiparty computation of a social network. https://eprint.iacr.org/2015/817.pdf, May 2020.

  16. Boshrooyeh S T, Küpçü A, Özkasap Ö. Privado: Privacypreserving group-based advertising using multiple independent social network providers. https://eprint.iacr.org/2019/372.pdf, May 2020.

  17. Demmler D, Schneider T, Zohner M. Ad-hoc secure twoparty computation on mobile devices using hardware tokens. In Proc. the 23rd USENIX Security Symposium, August 2014, pp.893-908.

  18. Oleshchuk V. Internet of Things and privacy preserving technologies. In Proc. the 1st International Conference on Wireless Communication, Vehicular Technology, Information Theory and Aerospace & Electronic Systems Technology, May 2009, pp.336-340.

  19. von Maltitz M, Carle G. Leveraging secure multiparty computation in the Internet of Things. In Proc. the 16th Annual International Conference on Mobile Systems, Applications, and Services, June 2018, pp.508-510.

  20. Chiesa M, di Lallo R, Lospoto G, Mostafaei H, Rimondini M, di Battista G. PrIXP: Preserving the privacy of routing policies at Internet eXchange points. In Proc. the 2017 IFIP/IEEE Symposium on Integrated Network and Service Management, May 2017, pp.435-441.

  21. Chiesa M, Demmler D, Canini M, Schapira M, Schneider T. SIXPACK: Securing internet exchange points against curious onlookers. In Proc. the 13th International Conference on Emerging Networking Experiments and Technologies, December 2017, pp.120-133.

  22. Cho C, El Defrawy K, Kim H T J, Lampkins J D. Privacy-preserving multi-client and cloud computation with application to secure navigation. U.S. Patent, 2019. http://www.freepatentsonline.com/20190042788.pdf, May 2020.

  23. Kreutz D, Ramos F M, Veríssimo P, Rothenberg C E, Azodolmolky S, Uhlig S. Software-defined networking: A comprehensive survey. Proceedings of the IEEE, 2015, 103(1): 14-76.

    Article  Google Scholar 

  24. Hazay C, Lindell Y. Efficient Secure Two-Party Protocols: Techniques and Constructions. Springer-Verlag Berlin Heidelberg, 2010.

  25. Schneider T. Engineering Secure Two-Party Computation Protocols: Design, Optimization, and Applications of Efficient Secure Function Evaluation. Springer-Verlag Berlin Heidelberg, 2012.

    Book  Google Scholar 

  26. Shamir A. How to share a secret. Communications of the ACM, 1979, 22(11): 612-613.

    Article  MathSciNet  Google Scholar 

  27. Rabin M O. How to exchange secrets with oblivious transfer. https://eprint.iacr.org/2005/187.pdf, May 2020.

  28. Beaver D. Efficient multiparty protocols using circuit randomization. In Proc. the 11th Annual International Cryptology Conference, August 1991, pp.420-432.

  29. Coolen F P, Coolen-Maturi T. The structure function for system reliability as predictive (imprecise) probability. Reliability Engineering & System Safety, 2016, 154: 180-187.

    Article  Google Scholar 

  30. Rausand M, Høyland A. System Reliability Theory: Models, Statistical Methods and Applications (2nd edition). Wiley-Interscience, 2003.

  31. Gertsbakh I, Shpungin Y. Network Reliability and Resilience. Springer, 2011.

  32. Konak A, Coit D W, Smith A E. Multi-objective optimization using genetic algorithms: A tutorial. Reliability Engineering & System Safety, 2006, 91(9): 992-1007.

    Article  Google Scholar 

  33. Yusoff Y, Ngadiman M S, Zain A M. Overview of NSGAII for optimizing machining process parameters. Procedia Engineering, 2011, 15: 3978-3983.

    Article  Google Scholar 

  34. Marichal J L. Structure functions and minimal path sets. IEEE Transactions on Reliability, 2016, 65(2): 763-768.

    Article  Google Scholar 

  35. Goldreich O. Foundations of Cryptography: Volume 2, Basic Applications (1st edition). Cambridge University Press, 2009.

  36. Deb K. Multi-objective optimization using evolutionary algorithms (1st edition). Wiley, 2001.

  37. Heller B, Sherwood R, McKeown N. The controller placement problem. In Proc. the 1st Workshop on Hot Topics in Software Defined Networks, August 2012, pp.7-12.

Download references

Author information

Authors and Affiliations

  1. Faculty of Computer Engineering, University of Isfahan, Isfahan, 8174673441, Iran

    Maryam Zarezadeh & Hamid Mala

  2. Independent Researcher, Isfahan, 8183913851, Iran

    Homa Khajeh

Authors
  1. Maryam Zarezadeh
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Hamid Mala
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Homa Khajeh
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Hamid Mala.

Electronic supplementary material

ESM 1

(PDF 219 kb)

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Zarezadeh, M., Mala, H. & Khajeh, H. Preserving Privacy of Software-Defined Networking Policies by Secure Multi-Party Computation. J. Comput. Sci. Technol. 35, 863–874 (2020). https://doi.org/10.1007/s11390-020-9247-5

Download citation

  • Received:

  • Revised:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11390-020-9247-5

Keywords

Search

Navigation