include::unimgr/odl-unimgr-channel-dev.adoc[]
+include::usecplugin/odl-usecplugin-aaa-dev.adoc[USECPLUGIN-AAA]
+
+include::usecplugin/odl-usecplugin-openflow-dev.adoc[USECPLUGIN-OPENFLOW]
+
include::usc/odl-usc-channel-dev.adoc[]
include::vtn/vtn-dev.adoc[]
--- /dev/null
+== Usecplugin-AAA Developer Guide
+
+=== Overview
+Usecplugin-AAA provides security related information for the AAA northbound interface.
+
+=== Usecplugin-AAA Architecture
+AAA plugin creates log messages about successful and failed login attempts to OpenDaylight.
+Usecplugin-AAA continuously reads this log file and checks for either successful and failed attempt information.
+Whenever Usecpluin-AAA identifies a new attempt entry in the log file it is stored
+in YANG Data Store and its own log file.
+
+Usecplugin-AAA is implemented with the help of a few java classes.
+
+UsecpluginAAAProvider :: Provider class for Usecplugin-AAA feature implementation.
+UsecpluginAAANotifImpl :: Logs notification information which can be seen by log:display at the Karaf terminal
+UsecpluginAAARPCImpl :: Implements Usecplugin RPCs
+UsecpluginAAAParsingLog :: Parses OpenDaylight log information for identifying login attempts.
+UsecpluginAAAPublishNotif :: Publishes failed login attempt notification.
+UsecpluginAAAStore :: Creates login information at the YANG Data Store.
+
+=== Key APIs and Interfaces
+* RPC APIs
++
+Login Attempt from IP :: Returns Time and Type of Attempts (Success or Failure)
+Login Attempt at Time :: Returns Attempter IP Address and Type of Attempts (Success or Failure)
++
+* Notification APIs
++
+On Invalid Login Attempt :: Notification generated on Invalid Login Attempt
++
+* YANG Data Store APIs
++
+Get Login Attempts :: Returns Source IP address of Attempter with Time of Attempts and Type of Attempts (Success or Failure)
+
+// === API Reference Documentation
+// Links to JavaDoc and REST API documentation will be provided later.
--- /dev/null
+== Usecplugin-OpenFlow Developer Guide
+
+=== Overview
+Usecplugin-OpenFlow provides security related information for the OpenFlow southbound interface.
+
+=== Usecplugin-OpenFlow Architecture
+Usecplugin-OpenFlow listens on OpenFlow southbound interface for Packet_In messages. The application parses
+the message for header information. Usecplugin-OpenFlow has PacketHandler class that implements the PacketProcessing interface to override the
+OnPacketReceived notification by which the application is notified of Packet_In messages.
+
+Usecplugin-OpenFlow is implemented with the help of a few java classes.
+
+UsecpluginProvider :: Provider class for Usecplugin-OpenFlow feature implementation.
+PacketHandler :: Receives Packet_In messages coming to the controller and process them appropriately
+PacketParsing :: Decodes Packet_In messages for packet header information (L2, L3 & L4 information)
+InventoryUtility :: Decodes Packet_In messages for OpenFlow Switch and Port information
+UsecpluginNotifImpl :: Logs notification information which can be seen by log:display at the Karaf terminal
+UsecpluginRPCImpl :: Implements Usecplugin RPCs
+UsecpluginStore :: Stores attack information into YANG Data Store and log file.
+
+=== Key APIs and Interfaces
+* RPC APIs
++
+Attacks from DPID :: Number of OpenFlow Packet_In Attacks from Switch with DeviceID
+Attacks from Host :: Number of OpenFlow Packet_In Attacks from SrcIP Address
+Attacks to Server :: Number of OpenFlow Packet_In Attacks to DstIP Address
+Attacks at Time of Day :: Number of OpenFlow Packet_In Attacks at a Particular Time with a variable Window Time
++
+* Notification APIs
++
+On Low Water Mark Breached :: Notification generated on breaching Low Water Mark
+
+// === API Reference Documentation
+// Links to JavaDoc and REST API documentation will be provided later.
include::unimgr/unimgr-user.adoc[]
+include::usecplugin/odl-usecplugin-aaa-user.adoc[USECPLUGIN-AAA]
+
+include::usecplugin/odl-usecplugin-openflow-user.adoc[USECPLUGIN-OPENFLOW]
+
include::usc/odl-usc-channel-user.adoc[USC]
include::vtn/vtn-user.adoc[]
--- /dev/null
+== Usecplugin-AAA User Guide
+The Usecplugin User Guide contains information about configuration, administration,
+management, using and troubleshooting the feature.
+
+=== Overview
+AAA plugin provides authorization, authentication and accounting services to OpenDaylight. A user logs in to
+OpenDaylight through the username and password provided by AAA plugin.
+Usecplugin-AAA collects and stores information about both successful and failed login attempts to OpenDaylight.
+
+
+=== Usecplugin-AAA Architecture
+AAA plugin creates log messages about successful and failed login attempts to OpenDaylight.
+Usecplugin-AAA continuously reads this log file and checks for either successful and failed attempt information.
+Whenever Usecpluin-AAA identifies a new attempt entry in the log file it is stored
+in YANG Data Store and its own log file.
+
+=== Administering or Managing Usecplugin-AAA
+* Install feature `odl-usecplugin-aaa`
+* Enable odl-aaa log using command `log:set DEBUG org.opendaylight.aaa.shiro.filters`
+* Login to the RESTCONF documentation.
+* Check operational datastore for login attempts.
+* POST URI :: http://localhost:8181/restconf/operations/usecpluginaaa:attemptFromIP
+** Sample Input :: {"usecpluginaaa:input":{"ScrIP":"10.0.0.1"}}
+* POST URI :: http://localhost:8181/restconf/operations/usecpluginaaa:attemptOnDateTime
+** Sample Input :: {"usecpluginaaa:input":{"dateTime":"2016-07-27 14:11:18"}}
--- /dev/null
+== Usecplugin-OpenFlow User Guide
+The Usecplugin-OpenFlow User Guide contains information about configuration, administration,
+management, using and troubleshooting the feature.
+
+=== Overview
+Usecplugin-OpenFlow collects information about potential OpenFlow Packet_In attacks to OpenDaylight.
+A threshold (water mark) can be set for the Packet_In rate which when breached will trigger Packet_In message
+information collection.
+
+=== Usecplugin Architecture
+Usecplugin listens on OpenFlow southbound interface for Packet_In messages. When the rate of Packet_In
+breaches the high water mark the application parses the message for header information which is subsequently
+stored in YANG Data Store and a log file. Usecplugin has PacketHandler class that implements the PacketProcessing
+interface to override the OnPacketReceived notification by which the application is notified of Packet_In messages.
+
+=== Configuring Usecplugin-OpenFlow
+
+Install the Usecplugin-OpenFlow feautre in OpenDaylight with the `feature:install odl-usecplugin-openflow` at the Karaf CLI.
+
+A user can set the low water mark and high water mark for Packet_In rates as well as number of samples for checking the time interval to calculate Packet_In rate.
+
+URI :: http://localhost:8181/apidoc/explorer/index.html#!/usecplugin(2015-01-05)
+
+==== High Water Mark Configuration
+PUT URI :: http://localhost:8181/restconf/config/usecplugin:sample-data-hwm/
+Sample Input :: `{"usecplugin:sample-data-hwm": { "samples":"3000","highWaterMark":"3000"}}`
+
+==== Low Water Mark Configuration
+PUT URI :: http://localhost:8181/restconf/config/usecplugin:sample-data-lwm/
+Sample Input :: `{"usecplugin:sample-data-lwm": { "samples-lwm":"2000","lowWaterMark-lwm":"2000"}}`
+
+=== Administering or Managing Usecplugin-OpenFlow
+Use RPC POST APIs in the following format for getting the attack related information.
+
+==== attackID
+URI :: http://localhost:8181/restconf/operations/usecplugin:attackID
+Sample Input :: `{"usecplugin:input": { "NodeID":"openflow:1"}}`
+
+==== attacksFromIP
+URI :: http://localhost:8181/restconf/operations/usecplugin:attacksFromIP
+Sample Input :: `{"usecplugin:input": { "SrcIP":"10.0.0.1"}}`
+
+==== attacksToIP
+URI :: http://localhost:8181/restconf/operations/usecplugin:attacksToIP
+Sample Input :: `{"usecplugin:input": { "DstIP":"10.0.0.2"}}`