z-logo
Premium
A comprehensive 3‐dimensional security analysis of a controller in software‐defined networking
Author(s) -
Tseng Yuchia,
NaïtAbdesselam Farid,
Khokhar Ashfaq
Publication year - 2018
Publication title -
security and privacy
Language(s) - English
Resource type - Journals
ISSN - 2475-6725
DOI - 10.1002/spy2.21
Subject(s) - openflow , software defined networking , computer science , controller (irrigation) , routing control plane , forwarding plane , decoupling (probability) , software , computer network , computer security , engineering , control engineering , operating system , network packet , agronomy , biology
Software‐defined networking (SDN) has recently emerged as a novel networking paradigm that enables network administrators to manage network services through high‐level abstraction of networking functions. This is achieved by mainly decoupling the control plane from the data plane. The control plane, namely the SDN controller, makes dynamic decisions on where traffic is sent in the underlying systems that forward data to the selected destinations. The SDN controller, seen as a networking operating system, acts, therefore, as the brain in SDN. Consequently, its importance makes it a privileged new target for future attackers. In order to have a comprehensive security assessment of the SDN controller, we conducted a 3‐dimensional analysis to study the security of OpenFlow‐based SDN controllers. This study includes: (1) the essential components of a controller, (2) the characteristics provided by a controller, and (3) the STRIDE model. At the end, we also summarized 9 principles that are necessary to secure an SDN controller from the reported attacks and analyzed the security of 5 active open‐source controllers following those principles.

This content is not available in your region!

Continue researching here.

Having issues? You can contact us here