Software Defined Networking (SDN) and its one possible realization, OpenFlow, define the trends of future networks. However, the present OpenFlow architecture does not allow the switches to be mobile e.g., in a moving train as it would disrupt flow processing from network switches. We present OFHIP, an architecture that enables OpenFlow switches to change their IP addresses securely during mobility. OFHIP employs IPSec encapsulated security payload (ESP) in transport mode for protection against DoS, data origin authenticity, connectionless integrity, anti-replay protection, and limited traffic flow confidentiality. We demonstrate the benefits of OFHIP compared to present use of SSL in enabling mobility, reducing the connection latency and improving the resilience to known TCP-level attacks.
|Title of host publication||SDN4FNS 2013 - 2013 Workshop on Software Defined Networks for Future Networks and Services|
|Publication status||Published - 2013|
|MoE publication type||A4 Article in a conference publication|
|Event||Workshop on Software Defined Networks for Future Networks and Services, SDN4FNS 2013 - Trento, Italy|
Duration: 11 Nov 2013 → 13 Nov 2013
|Conference||Workshop on Software Defined Networks for Future Networks and Services, SDN4FNS 2013|
|Period||11/11/13 → 13/11/13|