any network operations desired

Install flow rules!
Read flow statistics!
…
Modify network topology!?

[Figure: ONOS architecture diagram. Labels: App 1, App 2, Northbound API, Southbound API, control plane, data plane, Network View (hosts A and B, switches SW1 and SW2). Calls shown: IntentService.submit(A,B) and DeviceProviderService.deviceDisconnected(SW1).]

Mission-critical applications may be affected
Conservative-mode ONOS: The Objectives

capability to ONOS applications (Least-privileged)
Let the network operators know what each ONOS application is capable of
Application-level Role-based Access Control
(3) API-level Permission-based Access Control

ONOS applications must ONLY access the NB APIs and other necessary utilities
Non-administrative ONOS applications must NOT access the Administrative NB APIs (Admin Services)
ONOS application must be granted a permission to make each API call
(2) Application-level Role-based Access Control
(3) API-level Permission-based Access Control

(1) <type> : a bundle is an ONOS application or NOT
(2) <role> : an ONOS application is administrative app or NOT
(3) <uses-permission> : a list of permissions to be granted to an ONOS app bundle
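The three checks above can be modelled as a single decision function. This is an added example, not ONOS code and not from the original slides. Assumptions: the `AppManifest` class, the `API_TABLE` contents, the permission names, the `AdminService.example` entry and the treatment of non-application bundles are constructed for illustration; the two other calls are the ones shown in the figure.

```python
from dataclasses import dataclass, field

# Constructed classification table (illustrative, not ONOS's own data).
# API call -> (is northbound API, is admin service, permission name)
API_TABLE = {
    "IntentService.submit": (True, False, "INTENT_WRITE"),
    "AdminService.example": (True, True, "ADMIN_EXAMPLE"),  # hypothetical
    "DeviceProviderService.deviceDisconnected": (False, False, None),
}


@dataclass
class AppManifest:
    """Models the three manifest fields named on the slide."""
    name: str
    is_onos_app: bool                                   # <type>
    is_admin: bool                                      # <role>
    uses_permissions: set = field(default_factory=set)  # <uses-permission>


def check_call(app, api):
    """Return (allowed, reason) after applying checks (1), (2), (3) in order."""
    if api not in API_TABLE:
        return False, "unknown API: default deny"
    northbound, admin_only, permission = API_TABLE[api]
    # Assumption: bundles that are not ONOS applications are not restricted.
    if not app.is_onos_app:
        return True, "not an ONOS application: policy does not apply"
    # (1) ONOS applications may only reach the NB APIs.
    if not northbound:
        return False, "(1) not a northbound API"
    # (2) Non-administrative applications must not reach Admin Services.
    if admin_only and not app.is_admin:
        return False, "(2) admin service requires admin role"
    # (3) Each API call needs its permission granted in the manifest.
    if permission not in app.uses_permissions:
        return False, f"(3) missing permission {permission}"
    return True, "allowed"


def demo():
    """Constructed sample: two non-admin apps, one with a granted permission."""
    app1 = AppManifest("app1", True, False, {"INTENT_WRITE"})
    app2 = AppManifest("app2", True, False)
    return [
        check_call(app1, "IntentService.submit"),
        check_call(app2, "IntentService.submit"),
        check_call(app1, "DeviceProviderService.deviceDisconnected"),
        check_call(app1, "AdminService.example"),
    ]
```

The southbound call from the figure is rejected at check (1) before role or permission is consulted, which is the case the first slide flags as affecting mission-critical applications.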