A Formal Access Control Model for SE-Floodlight Controller

International Workshop on Security (2019)

Abstract
Software defined networking (SDN) offers a promising approach for the next generation of networking technology. However, at present there is no widely accepted model for authorizing network applications. One reason for the lack of an access control system is the absence of a clear definition of an authorization model in SDN. Porras et al. recently developed SE-Floodlight for this purpose. They partly employed the notion of the well-known role-based access control (RBAC) model. They informally presented a role-based authorization system to manage applications' access rights to network operations, submitted during the interaction between the application layer and the switch-side infrastructure. In this paper we develop a formal role-based authorization model in SDN using SE-Floodlight as a reference controller. Based on the formal model we discuss security aspects and propose some extensions. We also provide an administrative model for the authorization system. We show a configuration of the formal model for a use case scenario, discuss the security aspects of the authorization model, and describe some security issues related to over-privileged apps, limitations of the role hierarchy, and the app upgrading and app downgrading problems. Finally, we propose a refined role hierarchy to address these problems.
Keywords
Security, Software Defined Networks, Access Control, Role Based Access Control