BROWSE
Detail
Journal Article
A Verification Method of SDN Firewall Applications
Cited 7 time in 
Share 
Share
- Authors
- Miyoung KANG, Jin-Young CHOI, Inhye KANG, Hee Hwan KWAK, So Jin AHN, Myung-Ki SHIN
- Issue Date
- 2016-07
- Citation
- IEICE Transactions on Communications, v.E99.B, no.7, pp.1408-1415
- ISSN
- 0916-8516
- Publisher
- 일본, 전자정보통신학회 (IEICE)
- Language
- English
- Type
- Journal Article
- Abstract
- SDN (Software-DefinedNetworking) enables software applications to program individual network devices dynamically and therefore control the behavior of the network as a whole. Incomplete programming and/or inconsistency with the network policy of SDN software applications may lead to verification issues. The objective of this paper is to describe the formal modeling that uses the process algebra called pACSR and then suggest a method to verify the firewall application running on top of the SDN controller. The firewall rules are translated into a pACSR process which acts as the specification, and packet's behaviors in SDN are also translated to a pACSR process which is a role as the implementation. Then we prove the correctness by checking whether the parallel composition of two pACSR processes is deadlock-free. Moreover, in the case of network topology changes, our verification can be directly applied to check whether any mismatches or inconsistencies will occur.
- KSP Keywords
- Firewall Rules, Formal Modeling, Network devices, Parallel composition, Software applications, Software-Defined Networking(SDN), Topology changes, Verification method, deadlock-free, directly applied, network topology