The OpenFlow® protocol, especially the OpenFlow® Discovery Protocol (OFDP), utilizes clear-text Link Layer Discovery Protocol (LLDP) message exchanges to discover network topology. Such exchanges lack security and may lead to network attacks such as LLDP flooding, link fabrication, etc. Currently, the OpenFlow® protocol, both during discovery (OFDP) and during subsequent communication between a controller and a switch (even with Transport Layer Security (TLS)), does not offer a way to determine whether or not a discovered controller or switch is a trustworthy device. Presented herein are techniques that provide Trusted Platform Module (TPM) and blockchain-based trust establishment for OpenFlow® protocol communications that may be utilized between controllers and switches in multi-provider software-defined network (SDN) deployments.

Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.