A trust management framework for software-defined network applications

Zhen Yao, Zheng Yan

    Research output: Contribution to journalArticleScientificpeer-review

    18 Citations (Scopus)
    374 Downloads (Pure)


    The emergence of software-defined network (SDN) has brought unprecedented innovation to current networks. SDN's two most notable features are decoupling and programmability. Decoupling makes network management centralized in a control plane. Meanwhile, having benefitted from the programmable characteristic of SDN, new functions of networking can be easily realized. However, these features also introduce new security issues to SDN. Through the programming interface provided by SDN, software engineers can easily develop network applications to generate networking policies for SDN's control planes for the purpose of guiding network routing. However, it is hard to guarantee the security and quality of these new applications. Malicious or low-quality applications could damage a whole network. To solve this problem, we propose a novel trust management framework for SDN applications in this paper. It can evaluate applications' trust values based on their impact on the network performance (such as time delay, packet loss rate, throughput, etc). These trust values further play a decisive role for managing and selecting applications in SDN. We evaluate this framework's performance through a prototype system implemented based on a floodlight controller. The experimental results show the accuracy and effectiveness of our design.

    Original languageEnglish
    Article numbere4518
    Number of pages18
    JournalConcurrency and Computation: Practice and Experience
    Issue number16
    Early online date4 May 2018
    Publication statusPublished - 25 Aug 2020
    MoE publication typeA1 Journal article-refereed


    • SDN application security
    • software-defined network
    • trust evaluation
    • trust management
    • Trusted Computing Platform


    Dive into the research topics of 'A trust management framework for software-defined network applications'. Together they form a unique fingerprint.

    Cite this