DOI: 10.1145/2491185.2491199 (research article, ACM conference proceedings, free access)

Towards secure and dependable software-defined networks

ABSTRACT

Software-defined networking empowers network operators with more flexibility to program their networks. With SDN, network management moves from codifying functionality in terms of low-level device configurations to building software that facilitates network management and debugging. By separating the complexity of state distribution from network specification, SDN provides new ways to solve long-standing problems in networking --- routing, for instance --- while simultaneously allowing the use of security and dependability techniques, such as access control or multi-path.
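The abstract's point that access control becomes software rather than per-device configuration, and that this opens the door to debugging the network in software, is easier to see with a small worked model. The following is an added example, not code from the paper or from any SDN controller: a segment-level allow-list is compiled into OpenFlow-style priority match/action rules with a default-deny table-miss, and a conformance check probes an installed flow table for entries that forward traffic the policy denies (the kind of check an operator would run against what the controller actually pushed). The segments, prefixes, ports and the rogue rule are constructed for illustration; the match model (prefix, protocol, destination port) is a deliberate simplification of real OpenFlow match fields.

```python
"""Access control as software: compile a segment allow-list to flow rules and
check an installed table against it. Added example; all addresses, segments
and rules below are constructed and not taken from the paper."""
from dataclasses import dataclass
from ipaddress import IPv4Network, ip_address, ip_network
from itertools import product
from typing import List, Optional, Tuple

Probe = Tuple[str, str, str, int]  # (src_ip, dst_ip, proto, dst_port)


@dataclass(frozen=True)
class Rule:
    priority: int          # higher wins, as in an OpenFlow flow table
    src: IPv4Network       # source prefix to match
    dst: IPv4Network       # destination prefix to match
    proto: str             # "tcp", "udp" or "*" (wildcard)
    dport: Optional[int]   # destination port, None = wildcard
    action: str            # "forward" or "drop"


# Constructed segments: name -> prefix
SEGMENTS = {
    "users": ip_network("10.1.0.0/16"),
    "servers": ip_network("10.2.0.0/16"),
    "mgmt": ip_network("10.3.0.0/24"),
}

# Constructed allow-list: (src segment, dst segment, proto, dst port).
# Anything not listed is denied by the table-miss rule.
ALLOW = [
    ("users", "servers", "tcp", 443),
    ("mgmt", "servers", "tcp", 22),
]

ANY = ip_network("0.0.0.0/0")


def compile_policy(segments, allow) -> List[Rule]:
    """Turn the allow-list into flow rules plus a lowest-priority default drop."""
    rules = [Rule(100, segments[s], segments[d], proto, port, "forward")
             for s, d, proto, port in allow]
    rules.append(Rule(0, ANY, ANY, "*", None, "drop"))  # explicit default deny
    return rules


def matches(rule: Rule, src: str, dst: str, proto: str, dport: int) -> bool:
    return (ip_address(src) in rule.src and ip_address(dst) in rule.dst
            and rule.proto in ("*", proto)
            and rule.dport in (None, dport))


def decide(table: List[Rule], src: str, dst: str, proto: str, dport: int) -> str:
    """Highest-priority matching rule wins; a table miss is treated as drop."""
    for rule in sorted(table, key=lambda r: -r.priority):
        if matches(rule, src, dst, proto, dport):
            return rule.action
    return "drop"


def probes(segments, ports=(22, 80, 443)) -> List[Probe]:
    """One representative host per segment, every ordered segment pair, a few ports."""
    hosts = {name: str(next(net.hosts())) for name, net in segments.items()}
    return [(hosts[s], hosts[d], "tcp", p)
            for s, d in product(hosts, repeat=2) if s != d
            for p in ports]


def conformance_violations(installed: List[Rule], policy: List[Rule],
                           checks: List[Probe]) -> List[Probe]:
    """Probes the installed table forwards although the policy table drops them."""
    return [p for p in checks
            if decide(installed, *p) == "forward" and decide(policy, *p) == "drop"]


POLICY = compile_policy(SEGMENTS, ALLOW)
PROBES = probes(SEGMENTS)

# Constructed rogue entry: a high-priority rule that forwards all users->servers
# traffic, as a misbehaving application or controller might install.
ROGUE_RULE = Rule(200, SEGMENTS["users"], SEGMENTS["servers"], "*", None, "forward")
INSTALLED_WITH_ROGUE = POLICY + [ROGUE_RULE]

if __name__ == "__main__":
    for p in PROBES:
        print(p, "->", decide(POLICY, *p))
    print("violations:", conformance_violations(INSTALLED_WITH_ROGUE, POLICY, PROBES))
```

The check is deliberately probe-based rather than symbolic: it answers "does the installed table let through any of these flows the policy forbids" for a chosen set of representative flows, which is cheap to run after every rule update but only as complete as the probe set.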

However, the security and dependability of the SDN itself is still an open issue. In this position paper we argue for the need to build secure and dependable SDNs by design. As a first step in this direction we describe several threat vectors that may enable the exploitation of SDN vulnerabilities. We then sketch the design of a secure and dependable SDN control platform as a materialization of the concept advocated here. We hope that this paper will trigger discussions in the SDN community around these issues and serve as a catalyst for joining the efforts of the networking and security & dependability communities in the ultimate goal of building resilient control planes.

