Analysis of SDN Contributions for Cloud Computing Security

Cloud infrastructures are fundamentally composed of computing, storage, and networking resources. With regard to networking, Software-Defined Networking (SDN) has become one of the most important architectures for managing networks that require frequent re-policing or reconfiguration. Given the known security issues of Cloud Computing, SDN helps to respond quickly to emerging threats, but it also introduces new vulnerabilities related to its own architecture. In this paper, we analyze recent security proposals derived from the use of SDN and elaborate on whether it helps to improve trust, security and privacy in Cloud Computing. Moreover, we discuss security concerns introduced by the SDN architecture and how they could compromise Cloud services. Finally, we explore future security perspectives with regard to leveraging SDN benefits and mitigating its security issues.
