Hongyan Cui, Zunming Chen, Longfei Yu, Kun Xie, Zong-Guo Xia
Published in: 2017 20th International Symposium on Wireless Personal Multimedia Communications (WPMC), 2017-12-01
DOI: 10.1109/WPMC.2017.8301788 (https://doi.org/10.1109/WPMC.2017.8301788)
Authentication mechanism for network applications in SDN environments
Software-defined Networking (SDN), a new networking paradigm, provides network programming for third parties by separating the control plane from the data forwarding plane and opening up network capabilities. SDN brings great flexibility and openness to the network, but the original design phase of SDN did not consider security characteristics. For this reason, there are many potential vulnerabilities in SDN environments. One of the most critical security threats arises from the vulnerability of the trust relationship, due to the lack of an authentication mechanism between the network application and the controller. A specific concern is whether an application can be trusted or not. This paper discusses the authentication mechanism of the network application. At the same time, it implements an application authentication system that addresses the key challenge: how to safely resolve conflicts between untrusted network applications and requests. The system is tested in a testbed constructed on the Floodlight architecture. The test results show that the system works well to effectively defend against unauthorized access and provide log history, which verifies the effectiveness of the proposed method of securing the northbound interface by introducing the application authentication system.