Flux Research Group / School of Computing
OpenEdge: Open Service Edge Network logo

OpenEdge: Open Service Edge Network

High performance edge networks, such as fiber-to- the-premises (FTTP), are increasingly being deployed by municipalities and communities to support advanced services and applications. The complexity of operating these networks often means that their full potential is not being reached and they are relegated to being fast access pipes to the Internet. In this work we are developing a dynamic and secure open service edge network architecture, called OpenEdge. OpenEdge provides a control architecture that automates the configuration of the edge network in a cloud-like manner to simplify the introduction of new network services and applications.


In OpenEdge we address these challenges via two complementary and interacting components. First, FlowOps implements the network abstraction offered to service and application providers and realizes the underpinnings of that abstraction on the physical network. FlowOps provides a simple API that allows service/application providers to treat the entire network as a “big switch”. This leaves the service providers free to focus on the semantics and logic of the service/application they want to provide. The minimal semantics of the FlowOps API means that the network operator is free to implement underlying connectivity using any technology they desire. The only requirement is that strong isolation is provided between network resources associated with different services.

The second OpenEdge architectural component, SecureOps, deals with authenticated access to the network and services/ap- plications available on the network. The SecureOps design is inspired by the security framework used in cellular networks. Specifically, in SecureOps, access to a network service is authenticated via security credentials contained in a virtual subscriber identity module (V-SIM). Unlike a physical SIM, the V-SIM allows separate credentials for different services, allowing a more fine-grained service model. Our V-SIM can be realized solely in software, or made more secure by utilizing Trusted Platform Module (TPM) functionality.


We are working with a local startup, called EntryPoint, on realizing the OpenEdge architecture.