June 28, 2013

Indiana University to Investigate Secure Software-Defined Networking

Ian Armas Foster

Controlling a network is important for any HPC application, a task made more difficult in a cloud environment where the datacenter and the networking is out of one’s hands. As such, as the US government adapts and expands their cloud computing strategy, developing a software-defined networking strategy is critical.

As a result, Indiana University won $910,000 from the United States Department of Defense for the study of the problems surrounding software-defined networking, including the security of such networking systems.

Understandably, the Department of Defense is highly considered with the security surrounding their implementations. While some organizations such as Google have ensured the security of their networks, there still exists a relative dearth of trust around the internet.

“Google uses SDN networks for its data centers; their physical networks are secure, and everyone in the organization is trusted,” said L. Jean Camp, the professor at Indiana University’s Bloomington School of Informatics and Computing who will lead the Department of Defense-funded initiative. “But like the Internet in the 1980s, the lack of technical security is a result of the organizational and economic environment, so avoiding the same vulnerabilities and trust failures that occur now in the current Internet for future software-defined Internet connections require understanding the security now.”

Camp will be working with Martin Swany, an associate professor of computer science at IU and director of IU’s Indiana Canter for Network Translational Research and Education (InCNTRE) along with network researcher Christopher Small on the security of software-defined networks.

According to Indiana University, the team will use an OpenFlow network to run threat models to examine protocols like device authentication, an important consideration to ensure the software-led processes do not accidentally or intentionally reach out to unauthorized devices in the cloud space.

“Next-generation networking will utilize software as much as hardware, and these resulting software-defined networks will have incredible potential,” said Camp. “They can make networks more secure, more reliable and more manageable. However, if the security in these networks is not done well, attackers will take advantage of the same potential. That is, attacks could be more affordable, more reliable and easier to manage.”

Share This