首页    期刊浏览 2024年11月23日 星期六
登录注册

文章基本信息

  • 标题:Security Enhancement in Software Defined Networking (SDN): A Threat Model
  • 本地全文:下载
  • 作者:Pradeep Kumar Sharma ; S. S Tyagi
  • 期刊名称:International Journal of Advanced Computer Science and Applications(IJACSA)
  • 印刷版ISSN:2158-107X
  • 电子版ISSN:2156-5570
  • 出版年度:2021
  • 卷号:12
  • 期号:9
  • DOI:10.14569/IJACSA.2021.0120925
  • 语种:English
  • 出版社:Science and Information Society (SAI)
  • 摘要:Software Defined Networking (SDN) has emerged as a technology which can replace the prevalent vendor based proprietary CLI networking devices. SDN has introduced applications based network control and provided various opportunities and challenges for research and innovation in these networks. Despite many advantages and opportunities in SDN, security is a matter of concern for developers who want to invest in SDN. In this paper we are analyzing the SDN security issues with their countermeasures. We have generalized four use cases threat model that should cover security requirements of SDN. These use cases are: (I) protect controllers from applications, (II) inter-controller protection, (III) protecting data plane or switches from controller, (IV) protecting controllers from malicious switches. We found that these SDN components are inter-related if one is secure another one is already secure. We also compared the SDN and traditional network security in terms of these four use cases and provide the insights for protection mechanism and security enhancements. A framework for the development of a SDN security application has been presented based on ryu controller. We believe that our threat model will help various researchers and developers to understand current security requirements and provide a ready reference to tackle vulnerabilities and threats in this area. Finally, we identify some open research problems and future research directions with a proposed security architecture.
  • 关键词:Software defined networking (SDN); openflow; control plane; data plane; controller; programmability
国家哲学社会科学文献中心版权所有