A study on authentication mechanism in SEaaS for SDN

Kim, Green; An, Junghyun; Kim, Keecheon

doi:10.1145/3022227.3022277

Cited by 5 publications

(2 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In [49], an approach named the application authentication system and deployed outside the controller is proposed, allowing authentication, log history of unauthorized operations, and the management of access permissions, resources, application certificates, authorization elements, authentication and encryption, among others. Similarly, in [50], a security-as-a-service (SEaaS) solution is defined. One of its features is the authorization mechanism between the controller and the applications, taking the Floodlight controller architecture as a reference.…”

Section: A Northbound Interface and Application Planementioning

confidence: 99%

“…Behavior-based access control method + IDS [48] API abuse, DoS, Malicious apps Publish/Subscribe model [49] Lack of authentication mechanisms between the app and the Controller Independent mechanism [50] Lack of authentication mechanisms between the app and the Controller Floodlight-based mechanism [51] [52] Nonencrypted communication between app and controller Lack of management over reliability Lack of access control Use of REST-like functions [53] Lack of third-party app authentication NTRU encryption algorithm and NSS digital signatures [54] Malicious apps NTRU encryption algorithm S=spoofing, T=tampering, R=repudiation, I= information disclosure, D=denial of service, E=elevation of privilege…”

Section: B East/westbound Interface and Control Planementioning

confidence: 99%

See 1 more Smart Citation

A Survey of the Main Security Issues and Solutions for the SDN Architecture

et al. 2021

View full text Add to dashboard Cite

The software-defined networking (SDN) paradigm proposes the decoupling of control and data planes and a centralized software-oriented management approach based on a central controller, easing the development of new applications and services. These design principles pave the way for a more flexible, fast, and dynamic software-controlled network. However, in terms of security, the elements that comprise the SDN architecture present several vulnerabilities, which could be exploited by attackers to carry out malicious actions and thus affect the network and its services. Although for several years, some studies have already focused on identifying the weaknesses of the SDN layer structure, the nature of the attacks, and possible solutions for this paradigm, the literature contains few contributions that review and discuss this topic in an integral fashion. This paper provides a comprehensive, updated, and detailed review of the main security issues and mitigating measures for all layers and interfaces of the SDN architecture, classifying the contributions according to the STRIDE threat modeling methodology categories. Finally, this manuscript identifies, discusses, and synthesizes open challenges and future research directions in this area.

show abstract

Section: A Northbound Interface and Application Planementioning

confidence: 99%