Risk-Based Packet Routing for Privacy and Compliance-Preserving SDN
Software Defined Networking (SDN) is increasingly being used in data centers as well as enterprise networks. In an environment that has strict compliance requirements, such as HIPAA compliance, a critical role for an SDN controller is to route all data packets while preserving data privacy and compliance. In this paper, we address this problem by proposing an efficient risk-based swarm routing protocol for SDN. The programmable capability of controllers is exploited in order to minimize privacy and compliance risks in data transmission. The proposed routing protocol is based on the Ant Colony Optimization technique and machine learning, while the data for learning is obtained from OVSDB and the Open vSwitch Database management protocol. We collect a history of packet transfers for training purposes and learn from the training data to efficiently and intelligently route sensitive data packets while preserving the target compliance. This routing is obtained by intelligent eviction of rules that are downloaded to the switches. We have implemented the proposed schemes based on an RYU controller.