期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

浅析SDN安全需求和安全实现 被引量:9

Study on Security in SDN
下载PDF
导出
摘要 首先对SDN和网络安全相关的架构(如SANE、Ethane)进行了调研;其次,分析了SDN的安全需求和安全应用的现状,包括应用层和控制层之间、控制层和转发平面之间的安全需求研究现状以及在SDN上实现安全应用的现状;最后,探讨了SDN应用的认证、授权的解决方案,并对策略冲突消解、网络安全应用实现的现状进行了总结。 Security related SDN architecture was investigated, including SANE,Ethane, etc., then current state on security requirement analysis in SDN was reported, which was separated into two parts, one was between application plane and control plane, and the other was between control plane and data plane. Subsequently, the mechanisms of security applications in SDN were discussed, especially the resolutions on application authentication and authorization using OAuth and ABFAB framework. In the end, a summarize in policy conflict resolution and security implementation were given.
作者 周苏静
机构地区 中兴通讯股份有限公司
出处 《电信科学》 北大核心 2013年第9期113-116,共4页 Telecommunications Science
关键词 软件定义网络 安全 认证 授权 software defined networking, security, authentication, authorization
分类号 TP393.08 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献12

  • 1Casado M.Architectural support for security management in enterprise networks.Doctoral Dissertation,Stanford University,2007.
  • 2ONF.Sofiware-Defined Networking:the New Norm for Networks.ONF White Paper,2012.
  • 3ONF.OpenFlow Switch Specification Version 1.3.1,2012.
  • 4Wasserman M,Hartman S.Security Analysis of the Open Networking Foundation (ONF) OpenFlow Switch Specification.IETF Draft(draft-mrw-sdnsec-openflow-analysis),2013.
  • 5Hartman S,Wasserman M,Zhang D.Security Requirements in the Software Defined Networking Model,IETF Draft (draft-hartman-sdnsec-requirements),2013.
  • 66 Porrasy P,Shinz S,Yegneswaran V,et al.A security enforcement kernel for OpenFlow networks.Proceedings of the ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking (HotSDN),Helsinki,Finland,August 2012.
  • 7Shin S,Porras P,Yegneswaran V,et al.FRESCO:modular composable security services for software-defined networks.Proceedings of the ISOC Network and Distributed System Security Symposium,San Diego,CA,February 2013.
  • 8王淑玲,李济汉,张云勇,房秉毅.SDN架构及安全性研究[J].电信科学,2013,29(3):117-122. 被引量:48
  • 9郭春梅,张如辉,毕学尧.SDN网络技术及其安全性研究[J].信息网络安全,2012(8):112-114. 被引量:31
  • 10Hardt D.The OAuth 2.0 Authorization Framework.IETF RFC6749,2012.

二级参考文献15

  • 1Yu-Hunag Chu, Yao-Ting Chen, Yu-Chieh Chou, Min-Chi Tseng. A simplified cloud computing network architecture using future internet technologies [C]. Network Operations and Management Symposium (APNOMS), 2011 13th Asia-Pacific, 1-4.
  • 2Hongyu Hu, Jun Bi, Tao Feng, Sen Wang, Pingping Lin, You Wang. A Survey on New Architecture Design of Intemet [C]. 2011 International Conference on Computational and Information Sciences (ICCIS), Chengdu, China: 2011. 729-732.
  • 3Yoshihiko Kanaumi, Shu-ichi Saito, Eiji Kawai, etc. Deployment and operation of wide-area hybrid OpenFlow networks [C]. Network Operations and Management Symposium (NOMS), 2012 IEEE, 1135-1142.
  • 4Hideyuki Shimonishi and Shuji Ishii. Virtualized network infrastructure using OpenFlow [C]. Network Operations and Management Symposium Workshops (NOMS Wksps), 2010 IEEE/IFIP, 74-79.
  • 5Stanford University. About Clean Slate [EB/OL]. http://cleanslate, stanford.edu/about_cleanslate.php, 2012-5-30.
  • 6Martin Casado, Michael J. Freedman, Justin Pettit, Jiangying Luo, Nick McKeown, Scott Shenker. Ethane: taking control of the enterprise [C] ACM SIGCOMM. Proceeding of the 2007 conference on Applications, technologies, architectures, and protocles for computer communication. Kyoto, Japan:2007, 1-12.
  • 7Nick McKeown, Tom Anderson, Hari Balakrishnan, Guru Parulkar, Larry Peterson, Jennifer Rexford, Scott Shenker, Jonathan Turner. OpenFlow: enabling innovation in campus networks [J]. ACM SIGCOMM Computer Communication Review, 2008, 38(2):69-74.
  • 8Open Networking Foundation. Software-Defined Networking: the new norm for networks [EB/OL]. https://www.opennetworking. org/images/stories/downloads/white-papers/wp-sdn- newnorm.pdf, 2012-4-13/2012-5-30.
  • 9Stanford OpenFlow team. OpenFlow switch specification [EB/OL], http://www.openflow.org/documents/openflow-spec-v1.1.0.pdf, 2011-2-28/2012-5-30.
  • 10吕博.网络虚拟化资源管理架构与映射算法研究.北京邮电大学博士学位论文.201l.

共引文献72

同被引文献62

  • 1谢进柳.3GPP安全架构演进探讨[J].保密科学技术,2012(7):24-29. 被引量:1
  • 2张永,方滨兴,包秀国.网络可生存性研究概述[J].计算机工程与应用,2005,41(7):119-121. 被引量:8
  • 3孙钦东,张德运,高鹏.基于时间序列分析的分布式拒绝服务攻击检测[J].计算机学报,2005,28(5):767-773. 被引量:55
  • 4张新刚,刘妍.可信计算与可信网络[J].信息安全与通信保密,2006,28(11):85-87. 被引量:5
  • 5陈自力 林德敬 林柏钢.第二、三代移动通信系统安全体系的分析与比较.通信技术,2003,6:97-100.
  • 63GPP TS 33.120. Security principles and objectives [S]. 2010.
  • 73GPP TS 33.102.3G Security: Security architecture [S]. 2010.
  • 83GPP TS 33.401.3GPP System Architecture Evolution (SAE) : Security architecture [S]. 2012.
  • 93GPP TS 35.221. Specification of the 3GPP Confidentiality and Integrity Algorithms EEA3 & ETA3; Document 1 : EEA3 and EIA3 specifications [S], 2014.
  • 103GPP TS 35.222. Specification of the 3GPP Confidentiality and Integrity Algorithms EEA3 & EIA3; Document 2: ZUC specification IS]. 2014.

引证文献9

二级引证文献50

电信科学
2013年 第9期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部