Enabling secure mobility with OpenFlow

Suneth Namal, Ijaz Ahmad, Andrei Gurtov, Mika Ylianttila

Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

27 Citations (Scopus)


Software Defined Networking (SDN) and its one possible realization, OpenFlow, define the trends of future networks. However, the present OpenFlow architecture does not allow the switches to be mobile e.g., in a moving train as it would disrupt flow processing from network switches. We present OFHIP, an architecture that enables OpenFlow switches to change their IP addresses securely during mobility. OFHIP employs IPSec encapsulated security payload (ESP) in transport mode for protection against DoS, data origin authenticity, connectionless integrity, anti-replay protection, and limited traffic flow confidentiality. We demonstrate the benefits of OFHIP compared to present use of SSL in enabling mobility, reducing the connection latency and improving the resilience to known TCP-level attacks.
Original languageEnglish
Title of host publicationSDN4FNS 2013 - 2013 Workshop on Software Defined Networks for Future Networks and Services
Publication statusPublished - 2013
MoE publication typeA4 Article in a conference publication
EventWorkshop on Software Defined Networks for Future Networks and Services, SDN4FNS 2013 - Trento, Italy
Duration: 11 Nov 201313 Nov 2013


ConferenceWorkshop on Software Defined Networks for Future Networks and Services, SDN4FNS 2013


Dive into the research topics of 'Enabling secure mobility with OpenFlow'. Together they form a unique fingerprint.

Cite this