Publication type: Article in scientific journal
Type of review: Peer review (publication)
Title: Secured communication channels in software-defined networks
Authors : Yigit, Beytullah
Gür, Gürkan
Tellenbach, Bernhard
Alagöz, Fatih
et. al : No
DOI : 10.1109/MCOM.001.1900060
Published in : IEEE Communications Magazine
Volume(Issue) : 57
Issue : 10
Pages : 63
Pages to: 69
Issue Date: 2019
Publisher / Ed. Institution : IEEE
ISSN: 0163-6804
1558-1896
Language : English
Subject (DDC) : 004: Computer science
Abstract: SDN brings new opportunities to alleviate the existing security deficiencies of traditional networks. However, it also introduces new issues, a primary one being the vulnerabilities related to data and control plane communications. This work presents a security architecture to address security problems regarding data exchange in software-defined networks. To this end, a cryptographic key generation application is proposed to generate certificates that are used for securing communication of SDN entities (controller, switch, and application). We also provide an overview of related literature focusing on key elements in such architecture. In our model, TLS can be activated between SDN nodes to provide confidentiality, integrity, authentication, and authorization with special certificate fields. Besides, an integrated security module further strengthens the communication security by applying ACL, hardening TLS configuration and reducing the impact of private key hijacking. It also facilitates security administration tasks via per-channel activation/ deactivation of TLS protocol and monitoring of real-time security alarms.
URI: https://digitalcollection.zhaw.ch/handle/11475/18526
Fulltext version : Published version
License (according to publishing contract) : Licence according to publishing contract
Departement: School of Engineering
Organisational Unit: Institute of Applied Information Technology (InIT)
Appears in Collections:Publikationen School of Engineering

Files in This Item:
There are no files associated with this item.


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.