ONOS Security proposal

ONOS Project
January 30, 2015

SRI International/KAIST security proposal for ONOS, targeted for the Cardinal release

Transcript

  1. Motivation

     ONOS applications are granted a powerful authority.
     Can perform any network operations desired:
       - Install flow rules!
       - Read flow statistics!
       - …
       - Modify network topology!?
     Mission-critical applications may be affected.

     [Diagram labels: ONOS, Network View, App 1, App 2, control plane, data plane, Northbound API, Southbound API, IntentService.submit(A,B), DeviceProviderService.deviceDisconnected(SW1), hosts A and B, switches SW1 and SW2]

  2. Conservative-mode ONOS: The Objectives

       - Offer a new option for granting the true minimum required capability to ONOS applications (Least-privileged)
       - Let the network operators know what each ONOS application is capable of

  3. Conservative-mode ONOS: Permission model

     (1) Bundle-level Role-based Access Control:
         ONOS applications must ONLY access the NB APIs and other necessary utilities
     (2) Application-level Role-based Access Control:
         Non-administrative ONOS applications must NOT access the Administrative NB APIs (Admin Services)
     (3) API-level Permission-based Access Control:
         ONOS application must be granted a permission to make each API call

  4. Conservative-mode ONOS: Policy file (example)

     (1) Bundle-level Role-based Access Control
         <type> : a bundle is an ONOS application or NOT
     (2) Application-level Role-based Access Control
         <role> : an ONOS application is administrative app or NOT
     (3) API-level Permission-based Access Control
         <uses-permission> : a list of permissions to be granted to an ONOS app bundle
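
The three checks of the permission model, evaluated in order against a small policy, as an added example that is not part of the original deck or ONOS code. The XML layout, bundle names, permission strings and the API classification table are assumptions; only the three element names come from the slides.

```python
import xml.etree.ElementTree as ET

# Constructed policy. Only <type>, <role>, <uses-permission> come from the slides;
# the layout, bundle names and permission strings are assumptions.
POLICY_XML = """<policy>
  <bundle name="org.example.fwd">
    <type>app</type><role>user</role>
    <uses-permission>INTENT_WRITE</uses-permission>
  </bundle>
  <bundle name="org.example.mgmt">
    <type>app</type><role>admin</role>
    <uses-permission>DEVICE_ADMIN</uses-permission>
  </bundle>
</policy>"""

# Hypothetical API table: call -> (API class, permission required for the call).
API_TABLE = {
    "IntentService.submit": ("nb", "INTENT_WRITE"),
    "DeviceAdminService.removeDevice": ("nb-admin", "DEVICE_ADMIN"),
    "DeviceProviderService.deviceDisconnected": ("sb", None),
}

def load_policy(xml_text):
    """Parse the policy into {bundle name: {type, role, perms}}."""
    policy = {}
    for b in ET.fromstring(xml_text).iter("bundle"):
        policy[b.get("name")] = {
            "type": (b.findtext("type") or "").strip(),
            "role": (b.findtext("role") or "").strip(),
            "perms": {(p.text or "").strip() for p in b.iter("uses-permission")},
        }
    return policy

def check(policy, bundle, api):
    """Return (allowed, reason) for one API call by an application bundle."""
    entry = policy.get(bundle)
    if entry is None or entry["type"] != "app":
        return (False, "no application entry in policy")  # assumed default deny
    kind, perm = API_TABLE.get(api, ("unknown", None))
    if kind not in ("nb", "nb-admin"):                    # (1) bundle level
        return (False, "(1) not a northbound API")
    if kind == "nb-admin" and entry["role"] != "admin":   # (2) application role
        return (False, "(2) admin service, non-admin app")
    if perm not in entry["perms"]:                        # (3) per-call permission
        return (False, "(3) missing permission " + perm)
    return (True, "granted")

POLICY = load_policy(POLICY_XML)
```

Note that the admin role alone does not pass check (3): `org.example.mgmt` is still denied `IntentService.submit` because that permission is not listed for it.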