Checking Multi-domain Policies in SDN

Ferney A. Maldonado-Lopez, Eusebi Calle, Yezid Donoso


Programmable Network like SDN allows administrators to program network nfrastructure according to service demand and custom-defined policies. Network olicies are interpreted by the centralized controller to define actions and rules to rocess the network traffic on devices that belong to a single domain. However, actual etworks are multi-domain where several domains are interconnected. Then, because DN controllers in a domain cannot define nor monitor policies in other domains, etwork administrators cannot ensure that their own policies, origin policies are being nforced by the domains not directly managed by them (i.e. foreign domains). e present AudiT, a multi-domain SDN policy verifier that identifies whether an rigin policy is enforced by foreign domains. AudiT comprises (1) model for network opology, policies, and flows, (2) an Audit protocol to gather information about the ctions performed by network devices to carry the flows of interest, and (3) a validation ngine that takes that information and detects security policy violations, and (4) an extension to the OpenFlow protocol to enable external auditing. This paper resents our approach and illustrates its application using an example considering ultiple SDN networks.


Network Operating Systems, Software-Defined Networking, Network management, Policy Verification

Full Text:



Al-Shaer, E.; Marrero, W.; El-Atawy, A.; Elbadawi, K. (2009); Network configuration in box: towards end-to-end verification of network reachability and security, 17th IEEE nternational Conference on Network Protocols, ICNP 2009, 123-132.

Canini, M.; Venzano, D.; Perešíni, P.; Kostić, D.; Rexford, J. (2012); A NICE way to test penFlow applications, Proceedings of the 9th USENIX conference on Networked Systems esign and Implementation, USENIX Association, 10-10.

Gude, N.; Koponen, T.; Pettit, J.; Pfaff, B.; Casado, M.; McKeown, N.; Shenker, S. (2008) NOX: towards an operating system for networks, SIGCOMM Comput. Commun. ev., ACM, 38: 105-110.

Hinrichs, T. L.; Gude, N. S.; Casado, M.; Mitchell, J. C.; Shenker, S. (2009); Expressing and nforcing Flow-Based Network Security Policies, University of Chicago, Technical report, -20.

Hinrichs, T. L.; Gude, N. S., Casado, M.; Mitchell, J. C.; Shenker, S. (2009); Practical eclarative Network Management, 1st ACM Workshop on Research on Enterprise Networking, 009, 1-10.

Jackson, D. (2002); Alloy: A Lightweight Object Modelling Notation, ACM Trans. Softw. ng. Methodol.; April 2002.

Jackson, D. (2006); Software Abstractions: Logic, Language, and Analysis, The MIT Press, 006.

Harel, D. and Rumpe, B. (2004); Meaningful Modeling: What's the Semantics of "Semantics"?, omputer, IEEE Computer Society Press, 37: 64-72.

Kazemanian, P.; Chang, M.; Zheng, H.; Varghese, G.; McKeown, N. (2013); Real time Network olicy Checking Using Header Space Analysis, Proceeding on Network System Design nd Implementation (NSDI), USENIX, 99-112.

Khurshid, A.; Zou, X.; Zhou, W.; Caesar, M.; Godfrey, P. B. (2013);

VeriFlow: Verifying etwork-Wide Invariants in Real Time, 10th USENIX Symposium on Networked Systems esign and Implementation (NSDI), Proceeding HotSDN '12 Proceedings of the first workshop n Hot topics in software defined networks, 49-54 .

Mai, H.; Khurshid, A.; Agarwal, R.; Caesar, M.; Godfrey, P. B.; King, S. T.(2011); Debugging he data plane with Anteater, SIGCOMM Comput. Commun. Rev., ACM, 41: 290-301.

Maldonado-Lopez, F.; Chavarriaga, J. and Donoso,Y. (2014); Detecting Network Policy onflicts Using Alloy, Abstract State Machines, Alloy, B, TLA, VDM, and Z, Springer erlin Heidelberg, 8477: 314-317.

Maldonado-Lopez, F. A.; Calle, E. and Donoso, Y.; (2015);Detection and prevention of irewall-rule conflicts on software-defined networking, Reliable Networks Design and Modeling (RNDM), 2015 7th International Workshop on, 259-265.

McKeown, N.; Anderson, T.; Balakrishnan, H.; Parulkar, G.; Peterson, L.; Rexford, J.; henker, S.; Turner, J. (2008); OpenFlow: enabling innovation in campus networks, SIGCOMM omput. Commun. Rev., ACM, 38: 69-74.

Mirzaei, S., Bahargam, S. and Skowyra, R. (2013); Using Alloy to Formally odel and Reason About an OpenFlow Network Switch, Technical Report, ttp://

Monsanto, C.; Foster, N.; Harrison, R.; Walker, D. (2012); A Compiler and Run-time System or Network Programming Languages, SIGPLAN, ACM, 47: 217-230

Open Networking Foundation OpenFlow Switch Specification, v.1.3.1, ONF Open Networking oundation, 2012

Porras, P.; Shin, S.; Yegneswaran, V.; Fong, M.; Tyson, M.; Gu, G. (2012) A security nforcement kernel for OpenFlow networks Proceedings of the first workshop on Hot topics n software defined networks, ACM, 121-126.

Reitblatt, M.; Canini, M.; Guha, A.; Foster, N.(2013); FatTire: declarative fault tolerance or software-defined networks, Proceedings of the second ACM SIGCOMM workshop on Hot opics in software defined networking, ACM, 109-114.

Sethi, D.; Narayana, S. and Malik, S. (2013); Abstractions for model checking SDN controllers, ormal Methods in Computer-Aided Design (FMCAD), 2013, 145-148.

Soulé, R.; Basu, S.; Kleinberg, R.; Sirer, E. G.; Foster, N. (2013); Managing the Network ith Merlin, 12th workshop on Hot Topics in Networks, HotNets'13, Nov. 2013, 1-8.

Stone, G.; Lundy, B. and Xie, G. (2001);

Network Policy Languages: A survey and a new pproach, IEEE Network, 15: 10-21.


Copyright (c) 2017 Ferney A. Maldonado-Lopez, Eusebi Calle, Yezid Donoso

Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.

CC-BY-NC  License for Website User

Articles published in IJCCC user license are protected by copyright.

Users can access, download, copy, translate the IJCCC articles for non-commercial purposes provided that users, but cannot redistribute, display or adapt:

  • Cite the article using an appropriate bibliographic citation: author(s), article title, journal, volume, issue, page numbers, year of publication, DOI, and the link to the definitive published version on IJCCC website;
  • Maintain the integrity of the IJCCC article;
  • Retain the copyright notices and links to these terms and conditions so it is clear to other users what can and what cannot be done with the  article;
  • Ensure that, for any content in the IJCCC article that is identified as belonging to a third party, any re-use complies with the copyright policies of that third party;
  • Any translations must prominently display the statement: "This is an unofficial translation of an article that appeared in IJCCC. Agora University  has not endorsed this translation."

This is a non commercial license where the use of published articles for commercial purposes is forbiden. 

Commercial purposes include: 

  • Copying or downloading IJCCC articles, or linking to such postings, for further redistribution, sale or licensing, for a fee;
  • Copying, downloading or posting by a site or service that incorporates advertising with such content;
  • The inclusion or incorporation of article content in other works or services (other than normal quotations with an appropriate citation) that is then available for sale or licensing, for a fee;
  • Use of IJCCC articles or article content (other than normal quotations with appropriate citation) by for-profit organizations for promotional purposes, whether for a fee or otherwise;
  • Use for the purposes of monetary reward by means of sale, resale, license, loan, transfer or other form of commercial exploitation;

    The licensor cannot revoke these freedoms as long as you follow the license terms.

[End of CC-BY-NC  License for Website User]

INTERNATIONAL JOURNAL OF COMPUTERS COMMUNICATIONS & CONTROL (IJCCC), With Emphasis on the Integration of Three Technologies (C & C & C),  ISSN 1841-9836.

IJCCC was founded in 2006,  at Agora University, by  Ioan DZITAC (Editor-in-Chief),  Florin Gheorghe FILIP (Editor-in-Chief), and  Misu-Jan MANOLESCU (Managing Editor).

Ethics: This journal is a member of, and subscribes to the principles of, the Committee on Publication Ethics (COPE).

Ioan  DZITAC (Editor-in-Chief) at COPE European Seminar, Bruxelles, 2015:

IJCCC is covered/indexed/abstracted in Science Citation Index Expanded (since vol.1(S),  2006); JCR2018: IF=1.585..

IJCCC is indexed in Scopus from 2008 (CiteScore2018 = 1.56):

Nomination by Elsevier for Journal Excellence Award Romania 2015 (SNIP2014 = 1.029): Elsevier/ Scopus

IJCCC was nominated by Elsevier for Journal Excellence Award - "Scopus Awards Romania 2015" (SNIP2014 = 1.029).

IJCCC is in Top 3 of 157 Romanian journals indexed by Scopus (in all fields) and No.1 in Computer Science field by Elsevier/ Scopus.


 Impact Factor in JCR2018 (Clarivate Analytics/SCI Expanded/ISI Web of Science): IF=1.585 (Q3). Scopus: CiteScore2018=1.56 (Q2);

SCImago Journal & Country Rank

Editors-in-Chief: Ioan DZITAC & Florin Gheorghe FILIP.