Contents
Introduction
During the Beryllium release we plan to develop the Unified-Security plugin as an OSGi Bundle that collates all security related information for the controller and stores it in a database. Also, the plugin will expose the database contents via Restconf interface for any North Bound App to add logic for programming flows to protect the controller.The logic to protect the controller from packet-in attack will be part of the Beryllium release.
Release Deliverables
| Name | Description |
|---|
| USecPlugin | * Creating the USecPlugin
* Exposing Restconf interface for NB Application from USecPlugin (for accessing USecPlugin data)
* Adding logic in USecPlugin to detect Packet-In attack
* Creation of persistent datastore with security related information.
|
Release Milestones
| Milestone | Offset 2 Date | Deliverables |
|---|
| M1 | 8/6/2015 | | Name | Status | Description |
|---|
| Intent to participate | Done | Intent to participate in Beryllium Simultaneous Release | | Candidate Release Plan | Done | Candidate Release Plan |
|
| M2 | 9/3/2015 | | Name | Status | Description |
|---|
| Release Plan | Done | Final Release Plan | | U-Sec Plugin Skeleton | Done | Design a basic U-Sec Plugin Skeleton for developing an OSGi plugin that registers with the MD-SAL for Packet-In message notification. |
|
| M3 | 10/15/2015 | | Name | Status | Description |
|---|
| API Freeze | Done | Finalize RestAPI and JAVA API signatures to be exposed by Security Plugin. | | Data Store Creation | Done | Yang Model Creation and subsequent Java implementation to write Packet-In message content to the Data-Store. | | Feature | Done | Logic and code development for calculation of pps in real time | | Feature | Done | Logic and code development for choosing the upper and lower water marks that will raise alarms and subsequent packet_in header information retention. |
|
| M4 | 12/3/2015 | | Name | Status | Description |
|---|
| Notification design | Done | Yang Model Expansion with Notification details for upper and lower water marks breach and subsequent Java Implementation | | RPC Design | Done | Yang Model Expansion with RPC details and subsequent Java Implementation. | | Persistent DataStore | Done | Creation of a persistent datastore to keep security related information generated by the plugin. |
|
| M5 | 1/14/2016 | | Name | Status | Description |
|---|
| Documentation | Done | Update wiki documentation to reflect new feature(s). | | Feature Test | Done | Run system test for a feature. |
|
| RC0 | N/A | | Name | Status | Description |
|---|
| Deliverable Name |
| Deliverable Description |
|
| RC1 | N/A | | Name | Status | Description |
|---|
| Deliverable Name |
| Deliverable Description |
|
| RC2 | N/A | | Name | Status | Description |
|---|
| Release Review |
| Release Review Description | | Deliverable Name |
| Deliverable Description |
|
| RC3 | 01/28/2016 | | Name | Status | Description |
|---|
| Release Review |
| Release Review Description | | Deliverable Name |
| Deliverable Description |
|
| Formal Release | 02/04/2016 | | Name | Status | Description |
|---|
| Deliverable Name |
| Deliverable Description |
|
Expected Dependencies on Other Projects
None Listed
Expected Incompatibilities with Other Projects
None
Compatibility with Previous Releases
List of Externally Consumable APIs
- RPC - Number of OpenFlow Packet_In Attacks from Switch with DeviceID
- RPC - Number of OpenFlow Packet_In Attacks from SrcIP Address
- RPC - Number of OpenFlow Packet_In Attacks to DstIP Address
- RPC - Number of OpenFlow Packet_In Attacks at a Particular Time with a variable Window Time
- Notification - Low Water Mark Breached
Themes and Priorities
Requests from Other Projects
None Listed
- Java unit and integration tests
Other
Primary Setup Contact :
Thomas Lee Sebastian (thomaslee.s@tcs.com)
Rafat Jahan (rafat.jahan@tcs.com)
Test Contact :
Rafat Jahan (rafat.jahan@tcs.com)
Document Contact :
Rafat Jahan (rafat.jahan@tcs.com)
Committers :
Thomas Lee Sebastian (thomaslee.s@tcs.com)
Rafat Jahan (rafat.jahan@tcs.com)
Deepika Gupta (gupta.deepika1@tcs.com)