[an error occurred while processing this directive]

ZTE Communications ›› 2016, Vol. 14 ›› Issue (1): 54-60.DOI: 10.3969/j.issn.1673-5188.2016.01.008

• • 上一篇    下一篇

From CIA to PDR: A Top-Down Survey of SDN Security for Cloud DCN

Zhi Liu1,2, Xiang Wang1,2, and Jun Li1,3   

  1. 1. Research Institute of Information Technology, Tsinghua University, Beijing 100084, China;
    2. Department of Automation, Tsinghua University, Beijing 100084, China;
    3. Tsinghua National Laboratory for Information Science and Technology,Beijing 100084, China
  • 收稿日期:2015-12-01 出版日期:2016-02-01 发布日期:2019-11-27
  • 作者简介:Zhi Liu (zhi-liu12@mails.tsinghua.edu.cn) is currently a PhD candidate at Department of Automation, Tsinghua University, China. He received his BS degree from Department of Automation, Tsinghua University in 2012. His research interests include software-defined networking, cloud datacenter network, and performance optimization for networking algorithms and systems. Xiang Wang (xiang-wang11@mails.tsinghua.edu.cn) received his PhD degree in 2015 from Department of Automation, Tsinghua University. He received his MS degree from the School of Software Engineering, University of Science and Technology of China in 2010 and BS degree from the School of Telecommunication Engineering, Xidian University, China in 2007. His research interests include software-defined networking, distributed system, and performance issues in computer networking and system architectures. Jun Li (junl@tsinghua.edu.cn) received his PhD degree in Computer Science from New Jersey Institute of Technology (NJIT), USA, and MS and BS degrees in Control and Information from Department of Automation, Tsinghua University. He is currently a professor at Tsinghua University, and Executive Deputy Director of the Tsinghua National Laboratory for Information Science and Technology. Before rejoined Tsinghua University in 2003, he held executive positions at ServGate Technologies, which he co-founded in 1999. Prior to that, he was a senior software engineer at EXAR and TeraLogic. In between of his MS and PhD studies, he was an assistant professor then lecturer in the Department of Automation, Tsinghua University. His current research interests mainly focus on networking and network security.

From CIA to PDR:A Top-Down Survey of SDN Security for Cloud DCN

Zhi Liu1,2, Xiang Wang1,2, and Jun Li1,3   

  1. 1. Research Institute of Information Technology, Tsinghua University, Beijing 100084, China;
    2. Department of Automation, Tsinghua University, Beijing 100084, China;
    3. Tsinghua National Laboratory for Information Science and Technology,Beijing 100084, China
  • Received:2015-12-01 Online:2016-02-01 Published:2019-11-27
  • About author:Zhi Liu (zhi-liu12@mails.tsinghua.edu.cn) is currently a PhD candidate at Department of Automation, Tsinghua University, China. He received his BS degree from Department of Automation, Tsinghua University in 2012. His research interests include software-defined networking, cloud datacenter network, and performance optimization for networking algorithms and systems. Xiang Wang (xiang-wang11@mails.tsinghua.edu.cn) received his PhD degree in 2015 from Department of Automation, Tsinghua University. He received his MS degree from the School of Software Engineering, University of Science and Technology of China in 2010 and BS degree from the School of Telecommunication Engineering, Xidian University, China in 2007. His research interests include software-defined networking, distributed system, and performance issues in computer networking and system architectures. Jun Li (junl@tsinghua.edu.cn) received his PhD degree in Computer Science from New Jersey Institute of Technology (NJIT), USA, and MS and BS degrees in Control and Information from Department of Automation, Tsinghua University. He is currently a professor at Tsinghua University, and Executive Deputy Director of the Tsinghua National Laboratory for Information Science and Technology. Before rejoined Tsinghua University in 2003, he held executive positions at ServGate Technologies, which he co-founded in 1999. Prior to that, he was a senior software engineer at EXAR and TeraLogic. In between of his MS and PhD studies, he was an assistant professor then lecturer in the Department of Automation, Tsinghua University. His current research interests mainly focus on networking and network security.

PDF

摘要: By extracting the control plane from the data plane, SDN enables unprecedented flexibility for future network architectures and quickly changes the landscape of the networking industry. Although the maturity of commonly accepted SDN security practices is the key to the proliferation of cloud DCN, SDN security research is still in its infancy. This paper gives a top-down survey of the approaches in this area, discussing security challenges and opportunities of software-defined datacenter networking for cloud computing. It leverages the well-known confidentiality-integrity-availability (CIA) matrix and protection-detection-reaction (PDR) model to give an overview of current security threats and security measures. It also discusses promising research directions in this field.

关键词: SDN security, cloud DCN, CIA, PDR

Abstract: By extracting the control plane from the data plane, SDN enables unprecedented flexibility for future network architectures and quickly changes the landscape of the networking industry. Although the maturity of commonly accepted SDN security practices is the key to the proliferation of cloud DCN, SDN security research is still in its infancy. This paper gives a top-down survey of the approaches in this area, discussing security challenges and opportunities of software-defined datacenter networking for cloud computing. It leverages the well-known confidentiality-integrity-availability (CIA) matrix and protection-detection-reaction (PDR) model to give an overview of current security threats and security measures. It also discusses promising research directions in this field.

Key words: SDN security, cloud DCN, CIA, PDR