Blockchain and Intent-Based Networking: A Novel Approach to Secure and Accurate Network Policy Implementation

Javier Jose Diaz Rivera, Muhammad Afaq, Wang Cheol Song*

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

4 Scopus citations

Abstract

In response to the swift evolution of network technologies, traditional security measures centered on perimeter defenses have become inadequate for the needs of present-day distributed systems. Contemporary paradigms, such as Zero Trust Networking (ZTN) and Software Defined Perimeters (SDP), enhance network security by implementing a “never trust, always verify” model. Establishing trust is a crucial part of security policies that govern access to network resources. Automated policy management, continuous monitoring, and data analytics are required to ensure these policies’ reliability. Intent-Based Networking (IBN) can meet these requirements by translating high-level security policies into network configurations, thus bolstering network management and policy enforcement. Integrating IBN with blockchain technology creates a single source of truth (SSoT) for intent translation, providing an immutable, transaction-based ledger to verify each interaction. Our proposed design employs the open-source Hyperledger Besu for a permissioned blockchain implementation, alongside a secure network overlay from NetFoundry (OpenZiti). An IBN system is integrated as a management layer for secure policy creation. These policies, in the form of intents, are stored in the blockchain. Additionally, an event listener mechanism is designed to automatically translate the intents from the blockchain into network overlay configurations. Furthermore, a synchronizer ensures that the state of the network overlay remains aligned with the policy configurations defined by the intents in the blockchain. The overall research aims to achieve a Zero Touch and Trust (ZT&T) network system.

Original language: English
Title of host publication: APNOMS 2023 - 24th Asia-Pacific Network Operations and Management Symposium
Subtitle of host publication: Intelligent Management for Enabling the Digital Transformation
Publisher: Institute of Electrical and Electronics Engineers Inc.
Pages: 77-82
Number of pages: 6
ISBN (Electronic): 9788995004395
State: Published - 2023
Externally published: Yes
Event: 24th Asia-Pacific Network Operations and Management Symposium, APNOMS 2023 - Sejong, Korea, Republic of
Duration: 6 Sep 2023 to 8 Sep 2023

Publication series

Name: APNOMS 2023 - 24th Asia-Pacific Network Operations and Management Symposium: Intelligent Management for Enabling the Digital Transformation

Conference

Conference: 24th Asia-Pacific Network Operations and Management Symposium, APNOMS 2023
Country/Territory: Korea, Republic of
City: Sejong
Period: 6/09/23 to 8/09/23

Bibliographical note

Publisher Copyright:
Copyright 2023 KICS.

Keywords

  • Blockchain
  • IBN
  • Security Policies
  • Software Defined Perimeter
  • Zero Trust Network

ASJC Scopus subject areas

  • Artificial Intelligence
  • Computer Networks and Communications
  • Information Systems
  • Information Systems and Management
  • Safety, Risk, Reliability and Quality
