IS2N: Intent-Driven Security Software-Defined Network with Blockchain

TL;DR

This paper proposes IS2N, a blockchain-based, intent-driven SDN architecture that enhances security management and network flexibility while maintaining minimal operational impact.

Contribution

It introduces a novel four-layer architecture for intent-driven security SDN with integrated blockchain for secure network state management.

Findings

IS2N improves network security and flexibility.

Blockchain integration enables secure device registration.

Minimal performance impact during network operations.

Abstract

Software-defined network (SDN) is characterized by its programmability, flexibility, and the separation of control and data planes. However, SDN still have many challenges, particularly concerning the security of network information synchronization and network element registration. Blockchain and intent-driven networks are recent technologies to establish secure and intelligent SDN. This article investigates the blockchain-based architecture and intent-driven mechanisms to implement intent-driven security software-defined networks (IS2N). Specifically, we propose a novel four-layer architecture of the IS2N with security capabilities. We integrate an intent-driven security management mechanism in the IS2N to achieve automate network security management. Finally, we develop an IS2N platform with blockchain middle-layer to achieve security capabilities and security store network-level snapshots, such as device registration and OpenFlow messages. Our simulations show that IS2N is more flexible than conventional strategies at resolving problems during network operations and has a minimal effect on the SDN.