Conference paper

POLČÁK Libor, CALDAROLA Leo, CUDA Davide, DONDERO Marco, FICARA Domenico, FRANKOVÁ Barbora, HOLKOVIČ Martin, CHOUKIR Amine, MUCCIFORA Roberto and TRIFILO Antonio. High Level Policies in SDN. In: E-Business and Telecommunications. Berlin: Springer International Publishing, 2016, pp. 39-57. ISBN 978-3-642-35754-1. ISSN 1865-0929. Available from:
Publication language:english
Original title:High Level Policies in SDN
Title (cs):Vysokoúrovňové politiky v SDN
Proceedings:E-Business and Telecommunications
Conference:6th International Conference on Data Communication Networking
Place:Berlin, DE
Journal:Communications in Computer and Information Science, Vol. 2016, No. 585, Heidelberg, DE
Publisher:Springer International Publishing
Application-aware network; Data planes; High level policies; IP addresss; Network traffic; Packet routes; Port numbers; Security threats
Policies for network traffic handling define packet routes through networks, enforce required quality of service, and protect networks from security threats. When expressing a policy, one needs to characterise the traffic to which the policy applies by traffic identifiers. Low level traffic identifiers, such as IP addresses and port numbers, are available in each packet. Indeed, low level traffic identifiers are perfect for data plane routing and switching. However, high level traffic identifiers, such as user name and application name, are better for the readability and clarity of a policy. In this paper, we extend software defined networks with high level traffic identifiers. We propose to add additional interface to SDN controllers for collecting traffic meta data and high level traffic identifiers. The controller maintains a database that maps high level traffic identifiers to a set of flows defined by low level traffic identifiers. SDN applications can apply policies based on both high level and low level traffic identifiers. We leave the southbound protocols intact. This paper provides two examples of High Level SDN paradigms - Application-Aware Networks and Identity-Aware Networks. The first paradigm enables policies depending on application names and characteristics. The latter allows policies based on user names and their roles.
   author = {Libor Pol{\v{c}}{\'{a}}k and Leo Caldarola and Davide Cuda
	and Marco Dondero and Domenico Ficara and Barbora
	Frankov{\'{a}} and Martin Holkovi{\v{c}} and Amine Choukir
	and Roberto Muccifora and Antonio Trifilo},
   title = {High Level Policies in SDN},
   pages = {39--57},
   booktitle = {E-Business and Telecommunications},
   journal = {Communications in Computer and Information Science},
   volume = {2016},
   number = {585},
   year = {2016},
   location = {Berlin, DE},
   publisher = {Springer International Publishing},
   ISBN = {978-3-642-35754-1},
   ISSN = {1865-0929},
   language = {english},
   url = {}

Your IPv4 address:
Switch to IPv6 connection

DNSSEC [dnssec]