检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
作 者:王月 吕光宏[1] 曹勇 WANG Yue;LYU Guang-hong;CAO Yong(School of Computer,Sichuan University,Chengdu 610065,China)
出 处:《计算机技术与发展》2018年第4期128-132,共5页Computer Technology and Development
基 金:国家"863"高技术发展计划项目(2008AA01Z105)
摘 要:随着网络规模的扩大及业务的多样化,原有的网络架构难以满足未来发展需求,软件定义网络(software defined networking,SDN)作为一种新型网络架构被提出。将控制平面从数据平面中分离出来,控制平面的集中管控简化了网络配置管理,实现了灵活部署,提高了网络性能。利用SDN的集中获取信息的特性可对网络中的安全威胁进行监督检测,提高网络安全性。然而SDN在带来便利的同时也带来了新的安全问题。文中从SDN的各层及接口对网络安全问题进行分析,并对现有的解决方案进行了分类,分别从提升SDN控制器安全性、DoS/DDoS攻击防御、流规则一致性、提升应用程序安全性、北向接口标准化这5个方面进行了探讨,进而得出结论,并对未来进行展望。With the expansion of the network and the diversification of the business,the original network architecture is difficult to meet the future development requirements,so software defined network(SDN)as a new network architecture is proposed.SDN separates the control plane from the data plane,and the centralized control of control plane simplifies the network configuration management,which enables flexible deployment and improves the overall network performance.The feature of SDN's concentrated accessing information can supervise and detect the threats in the network to improve its security.However,SDN also brings us new security problems as well as convenience.In this paper,we analyze the network security from SDN layers and interfaces and classify the existing solutions.And we make a discussion in five aspects including enhancing SDN controller security,DoS/DDoS attack defense,flow rules consistency,raising the application security and standardizing the north interface,then get a set of conclusion and prospects for the future.
关 键 词:软件定义网络 OpenFlow 安全威胁 SDN安全
分 类 号:TP393[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.28
