DEFINE: A Service-Oriented Dynamically Enabling Function Model

• Main Authors: Tan Wei-Yi, Sun Zhi-Gang, Quan Wei
• Format: Article
• Language: English
• Published: EDP Sciences 2017-01-01
• Series: ITM Web of Conferences
• Online Access: https://doi.org/10.1051/itmconf/20171203022

With the rapid expansion of network scale and the continuous evolution of network applications, the Internet becomes much more open and uncontrollable, and inevitably faces a variety of security threats. In order to satisfy the requirements of the current Internet security and transmission performance, the general solution is increasing specific devices (e.g., firewalls, network monitors) to detect and defend against attacks. However, these devices typically use a dedicated hardware-based or software-based architecture which is closed, leading to limited scalability, management complexity. And deploying a new application needs to develop new equipment, which take a long development cycle and costs a lot. In this paper, we introduce an innovative Dynamically Enable Function In Network Equipment (DEFINE) to allow tenant get the network service quickly. First, DEFINE decouples an application into different functional components, and connects these function components in a reconfigurable method. Second, DEFINE provides a programmable interface to the third party, who can develop their own processing modules according to their own needs. To verify the effectiveness of this model, we set up an evaluating network with a FPGA-based OpenFlow switch prototype, and deployed several applications on it. Our results show that DEFINE has excellent flexibility and performance.