From CIA to PDR:A Top-Down Survey of SDN Security for Cloud DCN

doi:10.3969/j.issn.1673-5188.2016.01.008

ZTE Communications ›› 2016, Vol. 14 ›› Issue (1): 54-60.DOI: 10.3969/j.issn.1673-5188.2016.01.008

• Review • Previous Articles Next Articles

From CIA to PDR:A Top-Down Survey of SDN Security for Cloud DCN

Zhi Liu^1,2, Xiang Wang^1,2, and Jun Li^1,3

1. Research Institute of Information Technology, Tsinghua University, Beijing 100084, China;
2. Department of Automation, Tsinghua University, Beijing 100084, China;
3. Tsinghua National Laboratory for Information Science and Technology,Beijing 100084, China

Received:2015-12-01 Online:2016-02-01 Published:2019-11-27
About author:Zhi Liu (zhi-liu12@mails.tsinghua.edu.cn) is currently a PhD candidate at Department of Automation, Tsinghua University, China. He received his BS degree from Department of Automation, Tsinghua University in 2012. His research interests include software-defined networking, cloud datacenter network, and performance optimization for networking algorithms and systems. Xiang Wang (xiang-wang11@mails.tsinghua.edu.cn) received his PhD degree in 2015 from Department of Automation, Tsinghua University. He received his MS degree from the School of Software Engineering, University of Science and Technology of China in 2010 and BS degree from the School of Telecommunication Engineering, Xidian University, China in 2007. His research interests include software-defined networking, distributed system, and performance issues in computer networking and system architectures. Jun Li (junl@tsinghua.edu.cn) received his PhD degree in Computer Science from New Jersey Institute of Technology (NJIT), USA, and MS and BS degrees in Control and Information from Department of Automation, Tsinghua University. He is currently a professor at Tsinghua University, and Executive Deputy Director of the Tsinghua National Laboratory for Information Science and Technology. Before rejoined Tsinghua University in 2003, he held executive positions at ServGate Technologies, which he co-founded in 1999. Prior to that, he was a senior software engineer at EXAR and TeraLogic. In between of his MS and PhD studies, he was an assistant professor then lecturer in the Department of Automation, Tsinghua University. His current research interests mainly focus on networking and network security.

From CIA to PDR: A Top-Down Survey of SDN Security for Cloud DCN

Zhi Liu^1,2, Xiang Wang^1,2, and Jun Li^1,3

1. Research Institute of Information Technology, Tsinghua University, Beijing 100084, China;
2. Department of Automation, Tsinghua University, Beijing 100084, China;
3. Tsinghua National Laboratory for Information Science and Technology,Beijing 100084, China

作者简介:Zhi Liu (zhi-liu12@mails.tsinghua.edu.cn) is currently a PhD candidate at Department of Automation, Tsinghua University, China. He received his BS degree from Department of Automation, Tsinghua University in 2012. His research interests include software-defined networking, cloud datacenter network, and performance optimization for networking algorithms and systems. Xiang Wang (xiang-wang11@mails.tsinghua.edu.cn) received his PhD degree in 2015 from Department of Automation, Tsinghua University. He received his MS degree from the School of Software Engineering, University of Science and Technology of China in 2010 and BS degree from the School of Telecommunication Engineering, Xidian University, China in 2007. His research interests include software-defined networking, distributed system, and performance issues in computer networking and system architectures. Jun Li (junl@tsinghua.edu.cn) received his PhD degree in Computer Science from New Jersey Institute of Technology (NJIT), USA, and MS and BS degrees in Control and Information from Department of Automation, Tsinghua University. He is currently a professor at Tsinghua University, and Executive Deputy Director of the Tsinghua National Laboratory for Information Science and Technology. Before rejoined Tsinghua University in 2003, he held executive positions at ServGate Technologies, which he co-founded in 1999. Prior to that, he was a senior software engineer at EXAR and TeraLogic. In between of his MS and PhD studies, he was an assistant professor then lecturer in the Department of Automation, Tsinghua University. His current research interests mainly focus on networking and network security.

Abstract

Abstract: By extracting the control plane from the data plane, SDN enables unprecedented flexibility for future network architectures and quickly changes the landscape of the networking industry. Although the maturity of commonly accepted SDN security practices is the key to the proliferation of cloud DCN, SDN security research is still in its infancy. This paper gives a top-down survey of the approaches in this area, discussing security challenges and opportunities of software-defined datacenter networking for cloud computing. It leverages the well-known confidentiality-integrity-availability (CIA) matrix and protection-detection-reaction (PDR) model to give an overview of current security threats and security measures. It also discusses promising research directions in this field.

Key words: SDN security, cloud DCN, CIA, PDR

摘要： By extracting the control plane from the data plane, SDN enables unprecedented flexibility for future network architectures and quickly changes the landscape of the networking industry. Although the maturity of commonly accepted SDN security practices is the key to the proliferation of cloud DCN, SDN security research is still in its infancy. This paper gives a top-down survey of the approaches in this area, discussing security challenges and opportunities of software-defined datacenter networking for cloud computing. It leverages the well-known confidentiality-integrity-availability (CIA) matrix and protection-detection-reaction (PDR) model to give an overview of current security threats and security measures. It also discusses promising research directions in this field.

关键词: SDN security, cloud DCN, CIA, PDR

Zhi Liu, Xiang Wang, and Jun Li. From CIA to PDR:A Top-Down Survey of SDN Security for Cloud DCN[J]. ZTE Communications, 2016, 14(1): 54-60.

Zhi Liu, Xiang Wang, and Jun Li. From CIA to PDR: A Top-Down Survey of SDN Security for Cloud DCN[J]. ZTE Communications, 2016, 14(1): 54-60.

[1]	YANG Bei, LIANG Xin, LIU Shengnan, JIANG Zheng, ZHU Jianchi, SHE Xiaoming. Intelligent 6G Wireless Network with Multi-Dimensional Information Perception [J]. ZTE Communications, 2023, 21(2): 3-10.
[2]	LIU Weichen, SHEN Mengqi, ZHANG Anda, CHENG Yiting, ZHANG Wenqiang. Artificial Intelligence Rehabilitation Evaluation and Training System for Degeneration of Joint Disease [J]. ZTE Communications, 2021, 19(3): 46-55.
[3]	GUO Da, ZHENG Qingfang, PENG Xiaojiang, LIU Ming. Face Detection, Alignment, Quality Assessment and Attribute Analysis with Multi-Task Hybrid Convolutional Neural Networks [J]. ZTE Communications, 2019, 17(3): 15-22.
[4]	DONG Shaokang, CHEN Jiarui, LIU Yong, BAO Tianyi, GAO Yang. Reinforcement Learning from Algorithm Model to Industry Innovation: A Foundation Stone of Future Artificial Intelligence [J]. ZTE Communications, 2019, 17(3): 31-41.
[5]	Mayo Morimoto, Misako Imono, Seiji Tsuchiya, Hirokazu Watabe. Emotion Judgment System by EEG Based on Concept Base of EEG Features [J]. ZTE Communications, 2017, 15(S2): 11-17.
[6]	REN Fuji, Kazuyuki Matsumoto. Emotion Analysis on Social Big Data [J]. ZTE Communications, 2017, 15(S2): 30-37.
[7]	XU Xiaoqiong, YU Hongfang, YANG Kun. DDoS Attack in Software Defined Networks: A Survey [J]. ZTE Communications, 2017, 15(3): 13-19.
[8]	REN Fuji and SUN Xiao. Current Situation and Development of Intelligence Robots [J]. ZTE Communications, 2016, 14(S1): 25-34.
[9]	YANG Mengmeng. Attacks and Countermeasures in Social Network Data Publishing [J]. ZTE Communications, 2016, 14(S0): 2-9.
[10]	YANG Haojun, ZHENG Kan, LEI Lei, and XIANG Wei. Heterogeneous Vehicular Networks for Social Networks: Requirements and Challenges [J]. ZTE Communications, 2016, 14(3): 29-35.
[11]	Fuji Ren, Yu Gu. Using Artificial Intelligence in the Internet of Things [J]. ZTE Communications, 2015, 13(2): 1-2.
[12]	Yixin Zhong. I²oT: Advanced Direction of the Internet of Things [J]. ZTE Communications, 2015, 13(2): 3-6.
[13]	Yongsheng Liu, Yansong Yang, Chang Liu, Yu Gu. Forest Fire Detection Using Artificial Neural Network Algorithm Implemented in Wireless Sensor Networks [J]. ZTE Communications, 2015, 13(2): 12-16.
[14]	Danmeng Liu, Wei Wei, Guojie Song, Ping Lu. Community Discovery with Location-Interaction Disparity in Mobile Social Networks [J]. ZTE Communications, 2015, 13(2): 53-61.
[15]	Zhenjiang Dong, Lixia Liu, Bin Wu, and Yang Liu. MBGM: A Graph-Mining Tool Based on MapReduce and BSP [J]. ZTE Communications, 2014, 12(4): 16-22.

From CIA to PDR:A Top-Down Survey of SDN Security for Cloud DCN

From CIA to PDR: A Top-Down Survey of SDN Security for Cloud DCN

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics