A Survey of the Main Security Issues and Solutions for the SDN Architecture
Autor(a) principal: | |
---|---|
Data de Publicação: | 2021 |
Outros Autores: | , , , |
Tipo de documento: | Artigo |
Idioma: | eng |
Título da fonte: | Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
Texto Completo: | http://hdl.handle.net/10316/100786 https://doi.org/10.1109/ACCESS.2021.3109564 |
Resumo: | The software-defined networking (SDN) paradigm proposes the decoupling of control and data planes and a centralized software-oriented management approach based on a central controller, easing the development of new applications and services. These design principles pave the way for a more flexible, fast, and dynamic software-controlled network. However, in terms of security, the elements that comprise the SDN architecture present several vulnerabilities, which could be exploited by attackers to carry out malicious actions and thus affect the network and its services. Although for several years, some studies have already focused on identifying the weaknesses of the SDN layer structure, the nature of the attacks, and possible solutions for this paradigm, the literature contains few contributions that review and discuss this topic in an integral fashion. This paper provides a comprehensive, updated, and detailed review of the main security issues and mitigating measures for all layers and interfaces of the SDN architecture, classifying the contributions according to the STRIDE threat modeling methodology categories. Finally, this manuscript identifies, discusses, and synthesizes open challenges and future research directions in this area. |
id |
RCAP_35ed786a972191be3f1c1a8b53c6d1c6 |
---|---|
oai_identifier_str |
oai:estudogeral.uc.pt:10316/100786 |
network_acronym_str |
RCAP |
network_name_str |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
repository_id_str |
7160 |
spelling |
A Survey of the Main Security Issues and Solutions for the SDN ArchitectureSDN interfacesSDN planesSDN securitySTRIDEThe software-defined networking (SDN) paradigm proposes the decoupling of control and data planes and a centralized software-oriented management approach based on a central controller, easing the development of new applications and services. These design principles pave the way for a more flexible, fast, and dynamic software-controlled network. However, in terms of security, the elements that comprise the SDN architecture present several vulnerabilities, which could be exploited by attackers to carry out malicious actions and thus affect the network and its services. Although for several years, some studies have already focused on identifying the weaknesses of the SDN layer structure, the nature of the attacks, and possible solutions for this paradigm, the literature contains few contributions that review and discuss this topic in an integral fashion. This paper provides a comprehensive, updated, and detailed review of the main security issues and mitigating measures for all layers and interfaces of the SDN architecture, classifying the contributions according to the STRIDE threat modeling methodology categories. Finally, this manuscript identifies, discusses, and synthesizes open challenges and future research directions in this area.2021info:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/articlehttp://hdl.handle.net/10316/100786http://hdl.handle.net/10316/100786https://doi.org/10.1109/ACCESS.2021.3109564eng2169-3536Jimenez, Maria B.Fernandez, DavidRivadeneira, Jorge EduardoBellido, LuisCardenas, Andresinfo:eu-repo/semantics/openAccessreponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãoinstacron:RCAAP2022-07-11T20:31:30Zoai:estudogeral.uc.pt:10316/100786Portal AgregadorONGhttps://www.rcaap.pt/oai/openaireopendoar:71602024-03-19T21:18:06.015029Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãofalse |
dc.title.none.fl_str_mv |
A Survey of the Main Security Issues and Solutions for the SDN Architecture |
title |
A Survey of the Main Security Issues and Solutions for the SDN Architecture |
spellingShingle |
A Survey of the Main Security Issues and Solutions for the SDN Architecture Jimenez, Maria B. SDN interfaces SDN planes SDN security STRIDE |
title_short |
A Survey of the Main Security Issues and Solutions for the SDN Architecture |
title_full |
A Survey of the Main Security Issues and Solutions for the SDN Architecture |
title_fullStr |
A Survey of the Main Security Issues and Solutions for the SDN Architecture |
title_full_unstemmed |
A Survey of the Main Security Issues and Solutions for the SDN Architecture |
title_sort |
A Survey of the Main Security Issues and Solutions for the SDN Architecture |
author |
Jimenez, Maria B. |
author_facet |
Jimenez, Maria B. Fernandez, David Rivadeneira, Jorge Eduardo Bellido, Luis Cardenas, Andres |
author_role |
author |
author2 |
Fernandez, David Rivadeneira, Jorge Eduardo Bellido, Luis Cardenas, Andres |
author2_role |
author author author author |
dc.contributor.author.fl_str_mv |
Jimenez, Maria B. Fernandez, David Rivadeneira, Jorge Eduardo Bellido, Luis Cardenas, Andres |
dc.subject.por.fl_str_mv |
SDN interfaces SDN planes SDN security STRIDE |
topic |
SDN interfaces SDN planes SDN security STRIDE |
description |
The software-defined networking (SDN) paradigm proposes the decoupling of control and data planes and a centralized software-oriented management approach based on a central controller, easing the development of new applications and services. These design principles pave the way for a more flexible, fast, and dynamic software-controlled network. However, in terms of security, the elements that comprise the SDN architecture present several vulnerabilities, which could be exploited by attackers to carry out malicious actions and thus affect the network and its services. Although for several years, some studies have already focused on identifying the weaknesses of the SDN layer structure, the nature of the attacks, and possible solutions for this paradigm, the literature contains few contributions that review and discuss this topic in an integral fashion. This paper provides a comprehensive, updated, and detailed review of the main security issues and mitigating measures for all layers and interfaces of the SDN architecture, classifying the contributions according to the STRIDE threat modeling methodology categories. Finally, this manuscript identifies, discusses, and synthesizes open challenges and future research directions in this area. |
publishDate |
2021 |
dc.date.none.fl_str_mv |
2021 |
dc.type.status.fl_str_mv |
info:eu-repo/semantics/publishedVersion |
dc.type.driver.fl_str_mv |
info:eu-repo/semantics/article |
format |
article |
status_str |
publishedVersion |
dc.identifier.uri.fl_str_mv |
http://hdl.handle.net/10316/100786 http://hdl.handle.net/10316/100786 https://doi.org/10.1109/ACCESS.2021.3109564 |
url |
http://hdl.handle.net/10316/100786 https://doi.org/10.1109/ACCESS.2021.3109564 |
dc.language.iso.fl_str_mv |
eng |
language |
eng |
dc.relation.none.fl_str_mv |
2169-3536 |
dc.rights.driver.fl_str_mv |
info:eu-repo/semantics/openAccess |
eu_rights_str_mv |
openAccess |
dc.source.none.fl_str_mv |
reponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação instacron:RCAAP |
instname_str |
Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação |
instacron_str |
RCAAP |
institution |
RCAAP |
reponame_str |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
collection |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
repository.name.fl_str_mv |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação |
repository.mail.fl_str_mv |
|
_version_ |
1799134076260581376 |