| Formatted contents note |
In today's era, large data centers are drawn towards the two popular technologies i.e.,<br/>Enterprise Integration Patterns (EIP) and Software Dened Networking (SDN). The<br/>former is the combination of design patterns that integrates the new and existing business<br/>applications in an enterprise environment whereas, the latter is a rapidly evolving<br/>networking paradigm that has reshaped the large enterprise network management by<br/>introducing programmable planes and centralized control. The SDN-based design provides<br/><br/>exibility in network management which spans over multiple applications e.g.,<br/>routing, switching, forwarding, and controlling. It reduces the reliance on vendorspeci<br/>c devices and middlebox solutions like rewalls, IDS, IPS, etc. The promising<br/>features of EIP i.e., asynchronous communication, reliability, and that of SDN, namely,<br/>robustness, network programmability, agility, and global visibility can be merged, to<br/>cope with growing network demands and security.<br/>In this research, we introduce a new communication framework for enterprise networks<br/>that incorporates EIP in SDN for asynchronous and reliable message exchange<br/>among applications. The proposed communication framework integrates multiple technologies<br/>such as Virtual Local Area Networks (VLANs), Address Resolution Protocol<br/>(ARP), context-aware services, and anonymous communication, to provide accurate,<br/>ecient, and secure network services. Moreover, all the above-mentioned technologies<br/>are implemented as application modules of the RYU SDN controller, and communication<br/>is only allowed between any two applications/services through EIP Channel.<br/>To provide communication within the same network, the proposed communication<br/>framework utilizes the functionality of VLANs by oering an adaptive VLAN Management<br/>module. Using this module, the framework supports reactive VLAN creation and<br/>deletion mechanisms between the communicating hosts. Additionally, VLANs are only<br/>created for the active duration of the communication. Furthermore, to enable communication<br/>between applications from dierent networks in an enterprise environment,<br/>this framework also contains a packet forwarding module where hosts IP addresses are<br/>concealed from each other.<br/>Furthermore, due to the integration of dierent technologies, privacy is one of the<br/>core issues faced by the enterprise. Host anonymity is one of the techniques to safeguard<br/>against privacy attacks; however, the existing anonymization solutions provide<br/>better anonymity, but at the cost of higher latency and are most suited for internet trac. To tackle this issue in an enterprise network, this research oers anonymous<br/>communication among hosts in an enterprise environment. Unlike the traditional networks,<br/>SDN can modify the header elds of packets as they traverse the network from<br/>source to destination. Host anonymity is achieved by replacing the real IP address<br/>with the hoax IP address during the transmission of data packets inside the network.<br/>Similarly, we also present a context-aware communication framework by leveraging<br/>the global visibility feature of SDN. In this context-aware communication, services<br/>are discoverable to the clients without disclosing the addresses of actual application<br/>servers. By using these context-aware services, network trac is routed based on the<br/>application layer information rather than the network layer information.<br/>The evaluation is done using multiple scenarios having dierent host congurations.<br/>We conducted series of experiments to test the accuracy, eciency, computational complexity,<br/>and security of the communication framework. In addition, we also highlighted<br/>that the proposed framework is more suitable for heterogeneous network environments<br/>such as IoT-based solutions. |
