{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,16]],"date-time":"2025-12-16T12:39:57Z","timestamp":1765888797140,"version":"3.37.3"},"reference-count":35,"publisher":"Springer Science and Business Media LLC","issue":"4","license":[{"start":{"date-parts":[[2022,1,24]],"date-time":"2022-01-24T00:00:00Z","timestamp":1642982400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2022,1,24]],"date-time":"2022-01-24T00:00:00Z","timestamp":1642982400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"DOI":"10.13039\/100013407","name":"Netherlands eScience Center","doi-asserted-by":"publisher","award":["SecConNet"],"award-info":[{"award-number":["SecConNet"]}],"id":[{"id":"10.13039\/100013407","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100003246","name":"Nederlandse Organisatie voor Wetenschappelijk Onderzoek","doi-asserted-by":"publisher","award":["SecConNet"],"award-info":[{"award-number":["SecConNet"]}],"id":[{"id":"10.13039\/501100003246","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Cluster Comput"],"published-print":{"date-parts":[[2022,8]]},"abstract":"<jats:title>Abstract<\/jats:title><jats:p>There are many organizations interested in sharing data with others, and they can do this only if a multi-domain secure platform is available. Such platforms, often referred to as Digital Data Marketplaces (DDMs), require that all the transactions follow the pre-defined policies that are established by the participating parties i.e, domains. However, building a multi-domain network infrastructure in which each domain can manage its own connectivity while at the same time all of the transactions follow the sharing agreements is still a challenge. In this paper, we introduce a multi-domain containerized DDM that is built upon a P4-based network. It can handle the communication of multiple domains and guarantee that the operation of transactions is based on the pre-defined policies. We also studied the setup performance by defining a model which we demonstrated follows the real measurements, and we can use for decision making. The results also show the low overhead of using P4 switch in network setup time. In addition, we conducted a security evaluation which showed that our P4-based network setup is secure against most types of attacks.<\/jats:p>","DOI":"10.1007\/s10586-021-03501-2","type":"journal-article","created":{"date-parts":[[2022,1,24]],"date-time":"2022-01-24T00:05:01Z","timestamp":1642982701000},"page":"2953-2966","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["Multi-domain network infrastructure based on P4 programmable devices for Digital Data Marketplaces"],"prefix":"10.1007","volume":"25","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-3763-5424","authenticated-orcid":false,"given":"Sara","family":"Shakeri","sequence":"first","affiliation":[]},{"given":"Lourens","family":"Veen","sequence":"additional","affiliation":[]},{"given":"Paola","family":"Grosso","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2022,1,24]]},"reference":[{"key":"3501_CR1","doi-asserted-by":"publisher","first-page":"179909","DOI":"10.1109\/ACCESS.2020.3028051","volume":"8","author":"JA Kassem","year":"2020","unstructured":"Kassem, J.A., De Laat, C., Taal, A., Grosso, P.: The epi framework: A dynamic data sharing framework for healthcare use cases. IEEE Access 8, 179909\u2013179920 (2020). https:\/\/doi.org\/10.1109\/ACCESS.2020.3028051","journal-title":"IEEE Access"},{"key":"3501_CR2","unstructured":"Bastiaansen, H., Nieuwenhuis, K., Zomer, G., Piest, J.P.S., van Sinderen, M., Dalmolen, S.: The logistics data sharing infrastructure (2020)"},{"key":"3501_CR3","unstructured":"AMdEX:THE DATA HYPERMARKET. https:\/\/amsterdameconomicboard.com\/en\/news\/research-organisations-and-commercial-parties-start-developing-the-new-amsterdam-data-exchange (2021). [Online; accessed April-2021]"},{"key":"3501_CR4","doi-asserted-by":"publisher","first-page":"102689","DOI":"10.1109\/ACCESS.2019.2931762","volume":"7","author":"L Zhang","year":"2019","unstructured":"Zhang, L., Cushing, R., Gommans, L., De Laat, C., Grosso, P.: Modeling of collaboration archetypes in digital market places. IEEE Access 7, 102689\u2013102700 (2019). https:\/\/doi.org\/10.1109\/ACCESS.2019.2931762","journal-title":"IEEE Access"},{"key":"3501_CR5","unstructured":"priVAcy preserviNg federaTed leArninG infrastructurE for Secure Insight eXchange. https:\/\/distributedlearning.ai\/ (2021). [Online; accessed April-2021]"},{"key":"3501_CR6","unstructured":"A library for computing on data you do not own and cannot see. https:\/\/github.com\/OpenMined\/PySyft (2021). [Online; accessed April-2021]"},{"key":"3501_CR7","unstructured":"MPyC: Secure Multiparty Computation in Python. https:\/\/www.win.tue.nl\/~berry\/mpyc\/ (2021). [Online; accessed April-2021]"},{"key":"3501_CR8","unstructured":"IBM Federated Learning. https:\/\/github.com\/IBM\/federated-learning-lib (2021). [Online; accessed April-2021]"},{"key":"3501_CR9","doi-asserted-by":"publisher","unstructured":"Shakeri, S., Veen, L., Grosso, P.: Evaluation of container overlays for secure data sharing. In: 2020 IEEE 45th LCN Symposium on Emerging Topics in Networking (LCN Symposium), pp. 99\u2013108 (2020). https:\/\/doi.org\/10.1109\/LCNSymposium50271.2020.9363266","DOI":"10.1109\/LCNSymposium50271.2020.9363266"},{"key":"3501_CR10","unstructured":"Kubernetes. https:\/\/kubernetes.io\/docs\/tutorials\/kubernetes-basics\/ (2021). [Online; accessed April-2021]"},{"key":"3501_CR11","unstructured":"Use bridge network. https:\/\/docs.docker.com\/network\/bridge\/ (2021). [Online; accessed April-2021]"},{"key":"3501_CR12","unstructured":"Calico. https:\/\/www.tigera.io\/project-calico\/ (2021). [Online; accessed September-2021]"},{"key":"3501_CR13","unstructured":"Cilium. https:\/\/cilium.io\/ (2021). [Online; accessed September-2021]"},{"key":"3501_CR14","unstructured":"Default bridge network. https:\/\/docs.docker.com\/network\/network-tutorial-standalone (2021). [Online; accessed September-2021]"},{"key":"3501_CR15","unstructured":"User-defined bridge networks. https:\/\/docs.docker.com\/network\/network-tutorial-standalone (2021). [Online; accessed September-2021]"},{"key":"3501_CR16","unstructured":"Improving Network Monitoring and Management with Programmable Data Planes. https:\/\/opennetworking.org\/news-and-events\/blog\/improving-network-monitoring-and-management-with-programmable-data-planes\/ (2021). [Online; accessed September-2021]"},{"key":"3501_CR17","doi-asserted-by":"publisher","first-page":"20391","DOI":"10.1109\/ACCESS.2021.3055462","volume":"9","author":"P Manzanares-Lopez","year":"2021","unstructured":"Manzanares-Lopez, P., Mu\u00f1oz-Gea, J.P., Malgosa-Sanahuja, J.: Passive in-band network telemetry systems: The potential of programmable data plane on network-wide telemetry. IEEE Access 9, 20391\u201320409 (2021). https:\/\/doi.org\/10.1109\/ACCESS.2021.3055462","journal-title":"IEEE Access"},{"key":"3501_CR18","unstructured":"Lapolli, A.C., Adilson Marques, J., Gaspary, L.P.: Offloading real-time ddos attack detection to programmable data planes. In: 2019 IFIP\/IEEE Symposium on Integrated Network and Service Management (IM), pp. 19\u201327 (2019)"},{"key":"3501_CR19","doi-asserted-by":"publisher","unstructured":"Febro, A., Xiao, H., Spring, J.: Distributed sip ddos defense with p4. In: 2019 IEEE Wireless Communications and Networking Conference (WCNC), pp. 1\u20138 (2019). https:\/\/doi.org\/10.1109\/WCNC.2019.8885926","DOI":"10.1109\/WCNC.2019.8885926"},{"key":"3501_CR20","doi-asserted-by":"publisher","unstructured":"Dimolianis, M., Pavlidis, A., Maglaris, V.: A multi-feature ddos detection schema on p4 network hardware. In: 2020 23rd Conference on Innovation in Clouds, Internet and Networks and Workshops (ICIN), pp. 1\u20136 (2020). https:\/\/doi.org\/10.1109\/ICIN48450.2020.9059327","DOI":"10.1109\/ICIN48450.2020.9059327"},{"key":"3501_CR21","unstructured":"About Agilio SmartNICs. https:\/\/www.netronome.com\/products\/smartnic\/overview\/ (2021). [Online; accessed September-2021]"},{"key":"3501_CR22","unstructured":"P4SmartNics. https:\/\/opennetworking.org\/wp-content\/uploads\/2020\/12\/p4_d2_2017_nfp_architecture.pdf (2021). [Online; accessed September-2021]"},{"key":"3501_CR23","doi-asserted-by":"crossref","unstructured":"Bosshart, P., Daly, D., Gibb, G., Izzard, M., McKeown, N., Rexford, J., Schlesinger, C., Talayco, D., Vahdat, A., Varghese, G., Walker, D.: P4: Programming protocol-independent packet processors. SIGCOMM Comput. Commun. Rev. 44(3), 87\u201395 (2014)","DOI":"10.1145\/2656877.2656890"},{"key":"3501_CR24","unstructured":"BEHAVIORAL MODEL (bmv2). https:\/\/github.com\/p4lang\/behavioral-model (2021). [Online; accessed April-2021]"},{"key":"3501_CR25","unstructured":"RabbitMQ. https:\/\/www.cloudamqp.com\/blog\/part1-rabbitmq-for-beginners-what-is-rabbitmq.html (2021). [Online; accessed April-2021]"},{"key":"3501_CR26","unstructured":"ARP spoofing. https:\/\/www.veracode.com\/security\/arp-spoofing (2021). [Online; accessed April-2021]"},{"key":"3501_CR27","unstructured":"IP spoofing. https:\/\/www.oreilly.com\/library\/view\/ccna-security-210-260\/9781787128873\/78f2bb48-0c68-452b-8edc-eb1482f7dbfc.xhtml (2021). [Online; accessed April-2021]"},{"key":"3501_CR28","doi-asserted-by":"publisher","first-page":"139567","DOI":"10.1109\/ACCESS.2020.3012738","volume":"8","author":"F Hauser","year":"2020","unstructured":"Hauser, F., H\u00e4berle, M., Schmidt, M., Menth, M.: P4-ipsec: Site-to-site and host-to-site vpn with ipsec in p4-based sdn. IEEE Access 8, 139567\u2013139586 (2020). https:\/\/doi.org\/10.1109\/ACCESS.2020.3012738","journal-title":"IEEE Access"},{"key":"3501_CR29","doi-asserted-by":"publisher","unstructured":"Qin, Y., Quan, W., Song, F., Zhang, L., Liu, G., Liu, M., Yu, C.: Flexible encryption for reliable transmission based on the p4 programmable platform. In: 2020 Information Communication Technologies Conference (ICTC), pp. 147\u2013152 (2020). https:\/\/doi.org\/10.1109\/ICTC49638.2020.9123251","DOI":"10.1109\/ICTC49638.2020.9123251"},{"key":"3501_CR30","doi-asserted-by":"publisher","first-page":"58845","DOI":"10.1109\/ACCESS.2020.2982859","volume":"8","author":"F Hauser","year":"2020","unstructured":"Hauser, F., Schmidt, M., H\u00e4berle, M., Menth, M.: P4-macsec: Dynamic topology monitoring and data layer protection with macsec in p4-based sdn. IEEE Access 8, 58845\u201358858 (2020). https:\/\/doi.org\/10.1109\/ACCESS.2020.2982859","journal-title":"IEEE Access"},{"key":"3501_CR31","unstructured":"Draskovic, D., Saleh, G.: Datapace (2017). https:\/\/datapace.io\/datapace_whitepaper.pdf"},{"key":"3501_CR32","unstructured":"Foundation, O.P., GmbH, B.: Ocean protocol: Tools for the web3 data economy (2020). https:\/\/oceanprotocol.com\/tech-whitepaper.pdf"},{"key":"3501_CR33","unstructured":"International data spaces reference architecture model version 3.0 (2019). https:\/\/internationaldataspaces.org\/download\/16630\/"},{"key":"3501_CR34","doi-asserted-by":"publisher","unstructured":"Shakeri, S., van Noort, N., Grosso, P.: Scalability of container overlays for policy enforcement in digital marketplaces. In: 2019 IEEE 8th International Conference on Cloud Networking (CloudNet), pp. 1\u20134 (2019). https:\/\/doi.org\/10.1109\/CloudNet47604.2019.9064090","DOI":"10.1109\/CloudNet47604.2019.9064090"},{"key":"3501_CR35","doi-asserted-by":"publisher","unstructured":"Zhou, X., Cushing, R., Koning, R., Belloum, A., Grosso, P., Klous, S., van Engers, T., de Laat, C.: Policy enforcement for secure and trustworthy data sharing in multi-domain infrastructures. In: 2020 IEEE 14th International Conference on Big Data Science and Engineering (BigDataSE), pp. 104\u2013113 (2020). https:\/\/doi.org\/10.1109\/BigDataSE50710.2020.00022","DOI":"10.1109\/BigDataSE50710.2020.00022"}],"container-title":["Cluster Computing"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10586-021-03501-2.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s10586-021-03501-2\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10586-021-03501-2.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,7,14]],"date-time":"2022-07-14T11:31:32Z","timestamp":1657798292000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s10586-021-03501-2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,1,24]]},"references-count":35,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2022,8]]}},"alternative-id":["3501"],"URL":"https:\/\/doi.org\/10.1007\/s10586-021-03501-2","relation":{},"ISSN":["1386-7857","1573-7543"],"issn-type":[{"type":"print","value":"1386-7857"},{"type":"electronic","value":"1573-7543"}],"subject":[],"published":{"date-parts":[[2022,1,24]]},"assertion":[{"value":"30 April 2021","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"21 September 2021","order":2,"name":"revised","label":"Revised","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"24 November 2021","order":3,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"24 January 2022","order":4,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors have no relevant financial or non-financial interests to disclose.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}},{"value":"P4 software switch code has been used in this work that is publicly available on \u201chttps:\/\/github.com\/p4lang\/behavioral-model\u201d. The code that has been written for this project is available on \u201chttps:\/\/github.com\/sarashakeri\/P4-uniqueid\u201d","order":3,"name":"Ethics","group":{"name":"EthicsHeading","label":"Code availability"}},{"value":"[SS], [LV], [PG];","order":4,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conceptualization"}},{"value":"[Sara Shakeri];","order":5,"name":"Ethics","group":{"name":"EthicsHeading","label":"Data curation"}},{"value":"[Sara Shakeri], [Lourens Veen], [Paola Grosso];","order":6,"name":"Ethics","group":{"name":"EthicsHeading","label":"Formal Analysis"}},{"value":"[Paola Grosso];","order":7,"name":"Ethics","group":{"name":"EthicsHeading","label":"Funding acquisition"}},{"value":"[Sara Shakeri], [Lourens Veen], [Paola Grosso];","order":8,"name":"Ethics","group":{"name":"EthicsHeading","label":"Investigation"}},{"value":"[Sara Shakeri], [Lourens Veen];","order":9,"name":"Ethics","group":{"name":"EthicsHeading","label":"Methodology"}},{"value":"[Paola Grosso];","order":10,"name":"Ethics","group":{"name":"EthicsHeading","label":"Project administration"}},{"value":"[Sara Shakeri];","order":11,"name":"Ethics","group":{"name":"EthicsHeading","label":"Visualization"}},{"value":"[Sara Shakeri];","order":12,"name":"Ethics","group":{"name":"EthicsHeading","label":"Software"}},{"value":"[Paola Grosso];","order":13,"name":"Ethics","group":{"name":"EthicsHeading","label":"Supervision"}},{"value":"[Sara Shakeri], [Lourens Veen], [Paola Grosso];","order":14,"name":"Ethics","group":{"name":"EthicsHeading","label":"Validation"}},{"value":"[Sara Shakeri];","order":15,"name":"Ethics","group":{"name":"EthicsHeading","label":"Writing\u2014original draft"}},{"value":"[Sara Shakeri], [Lourens Veen], [Paola Grosso];","order":16,"name":"Ethics","group":{"name":"EthicsHeading","label":"Writing\u2014review and editing"}}]}}