Novel framework for enhancing security of SDN based VPLS architecture

Software-Defined Networking (SDN) is an emerging technology that enables the extension of a single Ethernet broadcast domain over a wide area network. However, there are still several major network security threats that could lead to network and resource unavailability, man-in-the-middle attacks, cryptographic flaws, and other vulnerabilities. This paper presents a method that proposes the use of Trusted Platform Module (TPM)-based SDN Virtual Private LAN Services (VPLS), which is intended to provide a secure solution that can help mitigate various network attacks. Open VSwitch (OVS) is a virtual switch that can be used to implement SDN-based VPLS networks. Direct Anonymous Attestation (DAA) is used to verify the authenticity of hardware devices without revealing any identifying information about the devices. The proposed architecture is implemented in a testbed to analyze the performance. The results show that TPM can be utilized in an SDN network to enhance security by securely storing encryption keys and certificates