Abstract
The data communication architecture remained constant for decades. As the pace of technologies accelerated, there was a need to adopt a new model to decompose the complexity and inflexibility of the traditional networks. The pillar technologies of software-defined networks (SDN) (e.g., central network control, programmability, and network virtualization) have been under research for decades. OpenFlow introduces the concept of separating control and forward planes and represents novel communication architecture. Despite the significant advantages offered by the new SDN architecture (e.g., flexibility, programmability, and centralization), the model imposes unprecedented security threats. Security is a primary concern in the new model. The SDN control is a crucial layer in the network. A single point that orchestrates the entire network can be utilized to enhance network security, paradoxically making the centralized architecture more vulnerable to attacks. The controller is an attractive target for the attackers, and the accessibility from the application layer to the forward layer is a severe threat to network resources. This chapter surveys the SDN security concerns as a security enhancer and studies the trade-offs of the SDN model from a security perspective. Additionally, the chapter investigates several SDN security solutions.
| Original language | English |
|---|---|
| Title of host publication | Networks of the Future: Architectures, Technologies, and Implementations |
| Editors | Mahmoud Elkhodr, Qusay F. Hassan, Seyed A. Shahrestani |
| Place of Publication | U.S. |
| Publisher | CRC Press |
| Pages | 89-100 |
| Number of pages | 12 |
| ISBN (Print) | 9781498783972 |
| Publication status | Published - 2018 |
Keywords
- computer networks
- security measures
- computer security