Home → Magazine Archive → September 2022 (Vol. 65, No. 9) → When SDN and Blockchain Shake Hands → Abstract

When SDN and Blockchain Shake Hands

By Majd Latah, Kubra Kalkan

Communications of the ACM, Vol. 65 No. 9, Pages 68-78

[article image]

Recently, software-defined network (SDN) has gained great attention from both industry and academia as a tool to achieve more dynamic control and management compared with traditional networking architectures.11 However, SDN's centralized control has introduced many drawbacks such as Denial of Service (DoS) attacks and single point of failure in the control plane, as well as additional security challenges related to application and data planes, since they need to communicate and interact with the control plane. Any flaw in this interaction can be viewed as a potential threat that must be seriously considered to limit its global impacts over a centralized SDN network. For instance, a hijacked SDN application allows the attacker to insert/modify flow entries of related SDN switches, and consequently exhausts the Ternary Content-Addressable Memory (TCAM) resources. It will be more secure if we authenticate all application flows before provisioning and configuration of data plane resources.

Back to Top

Key Insights


On the other hand, a new technology can be utilized to address these challenges by introducing a fault-tolerate, decentralized control capabilities to the SDN paradigm. Blockchain is one of the most promising solutions toward trustworthy services based on a fault-tolerant, decentralized, and secure distributed ledger. It can be employed in SDN paradigm to provide both operational and structural enhancements. Blockchain (BC) enables monitoring, auditing, and autonomously taking appropriate actions once the preconditions are met. This can be accomplished at the application, the resource, and the flow levels. BC-enabled SDN provides more secure and reliable environment compared with using centralized SDN applications. Additionally, smart contracts can play a vital role in SDN by offloading proactive decision making while protecting SDN against unauthorized parties based on BC principles.


No entries found