Published June 5, 2024 | Version v1
Conference paper Open

Implementation of a traffic flow path verification system in a data network

Description

This paper focuses on a recent concern raised by network softwarization: traffic attestation in service chaining. Its central focus is the design, development, and evaluation of an implementation of Ordered Proof of Transit (OPoT) as a solution to validate flow paths in the network. This solution uses Shamir’s Secret Sharing (SSS) to add metadata to each packet and updates that metadata at each node or service the packet traverses until it reaches the final destination. This method allows the services traversed by the packet to be validated at the last crossing point, providing an additional layer of security and preventing unauthorized modifications to the flow of data traffic. We report here how a programmable data plane, based on the P4 language, can be used to provide OPoT features dynamically, according to user and network policy requirements. Additionally, a controller will be developed to configure the network nodes, execute OPoT, and monitor the system state.

Files

OPoT_Paper_Javier_Velazquez.pdf

Files (659.2 kB)

md5:601979d2f5d943682ff959fbc7575e02