软件定义网络的安全服务平台

2016 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN) Pub Date : 2016-11-01 DOI:10.1109/NFV-SDN.2016.7919473

Sinan Tatlicioglu, S. Civanlar, B. Gorkemli, Erhan Lokman, A. M. Balci, C. B. Eliacik

{"title":"软件定义网络的安全服务平台","authors":"Sinan Tatlicioglu, S. Civanlar, B. Gorkemli, Erhan Lokman, A. M. Balci, C. B. Eliacik","doi":"10.1109/NFV-SDN.2016.7919473","DOIUrl":null,"url":null,"abstract":"Software Defined Networking (SDN) is a paradigm shift that changes the working principals of IP networks by separating the control logic from routers and switches, and logically centralizing it within a controller. While having a centralized controller as a single point of failure creates an added vulnerability from a network security viewpoint, it also creates an opportunity to offer a whole range of novel security services such as Moving Target Defense (MTD) strategies, many of which are painstakingly difficult or almost impossible without SDN. The traditional security services such as Onion Routing and VPN can be offered with much richer options by exploiting the advantages attained by SDN. This paper primarily focuses on a centralized security services platform of the controller that generates a dynamic behavior for selected data flows.","PeriodicalId":448203,"journal":{"name":"2016 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN)","volume":"39 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"A security services platform for Software Defined Networks\",\"authors\":\"Sinan Tatlicioglu, S. Civanlar, B. Gorkemli, Erhan Lokman, A. M. Balci, C. B. Eliacik\",\"doi\":\"10.1109/NFV-SDN.2016.7919473\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Software Defined Networking (SDN) is a paradigm shift that changes the working principals of IP networks by separating the control logic from routers and switches, and logically centralizing it within a controller. While having a centralized controller as a single point of failure creates an added vulnerability from a network security viewpoint, it also creates an opportunity to offer a whole range of novel security services such as Moving Target Defense (MTD) strategies, many of which are painstakingly difficult or almost impossible without SDN. The traditional security services such as Onion Routing and VPN can be offered with much richer options by exploiting the advantages attained by SDN. This paper primarily focuses on a centralized security services platform of the controller that generates a dynamic behavior for selected data flows.\",\"PeriodicalId\":448203,\"journal\":{\"name\":\"2016 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN)\",\"volume\":\"39 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2016-11-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2016 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/NFV-SDN.2016.7919473\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/NFV-SDN.2016.7919473","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

摘要

软件定义网络(SDN)是一种范式转变，通过将控制逻辑从路由器和交换机中分离出来，并在逻辑上将其集中在控制器中，改变了IP网络的工作原理。虽然从网络安全的角度来看，将集中式控制器作为单点故障会增加一个漏洞，但它也为提供一系列新颖的安全服务(如移动目标防御(MTD)策略)创造了机会，如果没有SDN，其中许多服务都非常困难或几乎不可能实现。利用SDN的优势，可以为洋葱路由和VPN等传统安全服务提供更丰富的选择。本文主要研究控制器的集中安全服务平台，该平台为选定的数据流生成动态行为。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A security services platform for Software Defined Networks

Software Defined Networking (SDN) is a paradigm shift that changes the working principals of IP networks by separating the control logic from routers and switches, and logically centralizing it within a controller. While having a centralized controller as a single point of failure creates an added vulnerability from a network security viewpoint, it also creates an opportunity to offer a whole range of novel security services such as Moving Target Defense (MTD) strategies, many of which are painstakingly difficult or almost impossible without SDN. The traditional security services such as Onion Routing and VPN can be offered with much richer options by exploiting the advantages attained by SDN. This paper primarily focuses on a centralized security services platform of the controller that generates a dynamic behavior for selected data flows.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2016 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN)

自引率

0.00%

发文量