The maturity level of any technology grows with knowledge from different security incidents experienced throughout its life cycle. Security solutions for conventional networks are developed by capitalizing on the profile of the threats that are specific to those architectures. Since SDN concept has not yet developed such a strong base of knowledge; it must show that its design and implementation take full account of the requirements of security. Through this article, we address the issue of SDN security by two dimensions. The first is the intrinsic resilience of the network itself as a key asset within the information system (availability and access control). The second is related to the contribution of the SDN concept in improving the security of data transmitted over the network (security applications). Given the few studies that discussed these two dimensions, we will analyze the different security issues by confronting the recommendations of the OpenFlow specification and some studies that focused on the security area against the state of the art.
[1]
Mabry Tyson,et al.
FRESCO: Modular Composable Security Services for Software-Defined Networks
,
2013,
NDSS.
[2]
Mabry Tyson,et al.
A security enforcement kernel for OpenFlow networks
,
2012,
HotSDN '12.
[3]
Ross J. Anderson,et al.
Authentication for Resilience: The Case of SDN
,
2013,
Security Protocols Workshop.
[4]
Marco Canini,et al.
Automatic failure recovery for software-defined networks
,
2013,
HotSDN '13.
[5]
Michiaki Hayashi,et al.
Scalable OpenFlow Controller Redundancy Tackling Local and Global Recoveries
,
2013
.
[6]
Giuseppe Bianchi,et al.
OpenState: programming platform-independent stateful openflow applications inside the switch
,
2014,
CCRV.
[7]
Nick McKeown,et al.
OpenFlow: enabling innovation in campus networks
,
2008,
CCRV.