Typically SDN controller manage network devices (Router, Switches, Servers etc.,) within given service provider or enterprise domains. These controllers are either deployed centrally or distributed across provider network to provide redundancy, however the scope of network devices they manage are limited within operators domain. Many service providers want to launch end-to-end fully automated enterprise services extending across other service providers. They may deploy SDN controllers to program and manage configuration within their own networks; however, coordination of provisioning services in other provider network is either manual or extremely difficult. The techniques presented herein propose method which enables securing end-to-end services in multiple provider SDN deployments using service and flow based security policies. These services and security policies are based on a variety of attributes such as parameters associated with SDN controllers and devices/switches, context information such as location and routing information, and services accessed in SDN as well as security attributes associated with the controllers and switches in different domains. In short, call these as "Policy Attributes", which are significant for securing end to end services in multiple provider SDN deployments. With the techniques presented herein, SDN controllers in multiple provider deployments will be able to securely exchange provisioning configurations, policy parameters, request and share resources based on the access control policies without compromising on privacy.

Creative Commons License

Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.