ITM Web of Conferences (Jan 2017)
DEFINE: A Service-Oriented Dynamically Enabling Function Model
Abstract
With the rapid expansion of network scale and the continuous evolution of network applications, the Internet becomes much more open and uncontrollable, and inevitably faces a variety of security threats. In order to satisfy the requirements of the current Internet security and transmission performance, the general solution is increasing specific devices (e.g., firewalls, network monitors) to detect and defend against attacks. However, these devices typically use a dedicated hardware-based or software-based architecture which is closed, leading to limited scalability, management complexity. And deploying a new application needs to develop new equipment, which take a long development cycle and costs a lot. In this paper, we introduce an innovative Dynamically Enable Function In Network Equipment (DEFINE) to allow tenant get the network service quickly. First, DEFINE decouples an application into different functional components, and connects these function components in a reconfigurable method. Second, DEFINE provides a programmable interface to the third party, who can develop their own processing modules according to their own needs. To verify the effectiveness of this model, we set up an evaluating network with a FPGA-based OpenFlow switch prototype, and deployed several applications on it. Our results show that DEFINE has excellent flexibility and performance.
