nach oben

Erschienen in:

2014 | OriginalPaper | Buchkapitel

Cloud Computing Security: What Changes with Software-Defined Networking?

verfasst von : Maurício Tsugawa, Andréa Matsunaga, José A. B. Fortes

Erschienen in: Secure Cloud Computing

Verlag: Springer New York

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Broadly construed, Software-Defined Networking (SDN) refers to the use of a standards-based open architecture and its supporting open source and open interfaces technologies to enable the deployment, management, and operation of networks. While traditional network management relies on vendor-specific hardware, protocols, and software, SDN systems are architected to have well-defined control and data planes offering flexible management interfaces. The enhanced control enabled by SDN opens opportunities for better cloud security engineering. At the same time, new vulnerabilities are potentially exposed as new technologies are introduced. This chapter discusses how SDN impacts cloud security, and potential risks that need to be addressed when SDN is deployed within and across clouds.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Hardware-Enhanced Security for Cloud Computing

Nächstes Kapitel Proof of Isolation for Cloud Storage

Apache CloudStack Project. http://www.cloudstack.org. Cited 14 June 2013.

Bernstein D and Vij D (2010) Intercloud Security Considerations. In 2010 IEEE Second International Conference on Cloud Computing Technology and Science (CloudCom). 537–44. IEEE, Indianapolis, USA. doi:10.1109/CloudCom.2010.82.CrossRef

Bernstein D, Ludvigson E, Sankar K, Diamond S, and Morrow M (2009) Blueprint for the Intercloud - Protocols and Formats for Cloud Computing Interoperability. In Fourth International Conference on Internet and Web Applications and Services 2009 (ICIW ’09). 328–36. Venice/Mestre. doi:10.1109/iciw.2009.55.

Case JD, Fedor M, Schoffstall ML, and Davin J (1990) A Simple Network Management Protocol (SNMP). IETF RFC 1157, 1–36.

Google - IPv6 statistics. http://www.google.com/intl/en/ipv6/statistics.html. Cited 14 June 2013.

Greene K (2009) TR10: Software-Defined Networking. Technology Review (MIT). http://www2.technologyreview.com/article/412194/tr10-software-defined-networking/. Accessed 14 June 2013.

Gude N, Koponen T, Pettit J, Pfaff B, Casado M, McKeown N et al. (2008) NOX: towards an operating system for networks. ACM SIGCOMM Computer Communication Review 38, 105–10. doi:10.1145/1384609.1384625.

Handigol N, Heller B, Jeyakumar V, Maziéres D, and McKeown N (2012) Where is the debugger for my software-defined network? In Proceedings of the first workshop on Hot topics in software defined networks. Vol. pp. 55–60, ACM, Helsinki.

Hölzle U (2012) OpenFlow@Google. Open Networking Summit 2012. http://www.youtube.com/watch?v=VLHJUfgxEO4. Accessed 14 June 2013.

10.

Internet Engineering Task Force. http://www.ietf.org. Cited 14 June 2013.

11.

Internet2 (2012) Internet2 Innovation Platform FAQ. Internet2. http://www.internet2.edu/pubs/Internet2-Innovation-Platform-FAQ.pdf. Accessed 14 June 2013.

12.

Interworking Task Group of IEEE 802.1 (2011) IEEE Standard for Local and metropolitan area networks–Media Access Control (MAC) Bridges and Virtual Bridged Local Area Networks. IEEE Std 802.1Q-2011 (Revision of IEEE Std 802.1Q-2005) 1–1364. doi:10.1109/ieeestd.2011.6009146.

13.

Keahey K, Tsugawa M, Matsunaga A, and Fortes JAB (2009) Sky Computing. In IEEE Internet Computing. Vol. 13, pp. 43–51.

14.

McKeown N (2008) Why can’t I innovate in my wiring closet? The Stanford Clean Slate Program. http://www.openflow.org/documents/OpenFlow.ppt. Accessed 14 June 2013.

15.

McKeown N, Anderson T, Balakrishnan H, Parulkar G, Peterson L, Rexford J et al. (2008) OpenFlow: enabling innovation in campus networks. ACM SIGCOMM Computer Communication Review 38, 69–74. doi:10.1145/1355734.1355746.

16.

Mehdi SA, Khalid J, and Khayam SA (2011) Revisiting traffic anomaly detection using software defined networking. In Proceedings of the 14th international conference on Recent Advances in Intrusion Detection (RAID’11). 161–80. Springer-Verlag, Menlo Park, CA. doi:10.1007/978-3-642-23644-0_9.CrossRef

17.

Nadeau T and Pan P (2011) Software Driven Networks Problem Statement. IETF Internet-Draft (work-in-progress) draft-nadeau-sdnproblem-statement-01.

18.

Nascimento MR, Rothenberg CE, Salvador MR, Corrêa CNA, Lucena SCd, and Magalhães MF (2011) Virtual routers as a service: the RouteFlow approach leveraging software-defined networks. In Proceedings of the 6th International Conference on Future Internet Technologies. 34–7. ACM, New York, NY, Seoul, Republic of Korea. doi:10.1145/2002396.2002405.

19.

Nayak AK, Reimers A, Feamster N, and Clark R (2009) Resonance: dynamic access control for enterprise networks. In Proceedings of the 1st ACM workshop on Research on enterprise networking. 11–8. ACM, doi:10.1145/1592681.1592684.

20.

NOX OpenFlow Controller. http://www.noxrepo.org. Cited 14 June 2013.

21.

OpenFlow. http://www.openflow.org. Cited 14 June 2013.

22.

OpenFlowSec. http://www.openflowsec.org. Cited 14 June 2013.

23.

Open Networking Foundation. http://www.opennetworking.org. Cited 14 June 2013.

24.

Open Networking Summit. http://www.opennetsummit.org. Cited 14 June 2013.

25.

Piper S (2013) In Big Data Security for Dummies. John Wiley & Sons, Inc.

26.

Porras P, Shin S, Yegneswaran V, Fong M, Tyson M, and Gu G (2012) A security enforcement kernel for OpenFlow networks. In Proceedings of the first workshop on Hot topics in software defined networks. 121–6. ACM, New York, NY, Helsinki, Finland. doi:10.1145/2342441.2342466.CrossRef

27.

Reitblatt M, Foster N, Rexford J, and Walker D (2011) Consistent updates for software-defined networks: Change you can believe in! In Proceedings of the 10th ACM Workshop on Hot Topics in Networks. ACM, Cambridge. doi:10.1145/2070562.2070569.

28.

Rothenberg CE, Nascimento MR, Salvador MR, Corrêa CNA, Lucena SCd, and Raszuk R (2012) Revisiting routing control platforms with the eyes and muscles of software-defined networking. In Proceedings of the first workshop on Hot topics in software defined networks. 13–8. ACM, Helsinki, Finland. doi:10.1145/2342441.2342445.

29.

Sherwood R, Gibb G, Yap K-K, Appenzeller G, Casado M, McKeown N et al. (2009) FlowVisor: A Network Virtualization Layer. OpenFlow Switch Consortium, Tech. Rep. OPENFLOW-TR-2009-1.

30.

Sherwood R, Gibb G, Yap K-K, Appenzeller G, Casado M, McKeown N et al. (2010) Can the Production Network Be the Testbed? In 9th USENIX Symposium on Operating Systems Design and Implementation (OSDI). 365–78. USENIX Association, Vancouver, BC, Canada.

31.

Shin S and Gu G (2012) CloudWatcher: Network security monitoring using OpenFlow in dynamic cloud networks (or: How to provide security monitoring as a service in clouds?). In 2012 20th IEEE International Conference on Network Protocols (ICNP). 1–6. Austin, TX. doi:10.1109/icnp.2012.6459946.CrossRef

32.

Skowyra R, Lapets A, Bestavros A, and Kfoury A (2013) Verifiably-Safe Software-Defined Networks for CPS. In Proceedings of the 2nd ACM International Conference on High Confidence Networked Systems (HiCoNS 2013), Philedelphia, PA, USA. ACM, Philadelphia.

33.

Stabler G, Rosen A, Goasguen S, and Wang K-C (2012) Elastic IP and security groups implementation using OpenFlow. In Proceedings of the 6th international workshop on Virtualization Technologies in Distributed Computing Date. ACM, Delft, The Netherlands. doi:10.1145/2287056.2287069.

34.

Waite A (2010) InfoSec Triads: Security/Functionality/Ease-of-use. http://blog.infosanity.co.uk/2010/06/12/infosec-triads-securityfunctionalityease-of-use/. Accessed 14 June 2013.

35.

Yap K-K, Yiakoumis Y, Kobayashi M, Katti S, Parulkar G, and McKeown N (2011) Separating authentication, access and accounting: A case study with OpenWiFi. Technical report, OpenFlow 2011-1.

Titel: Cloud Computing Security: What Changes with Software-Defined Networking?
verfasst von: Maurício Tsugawa
Andréa Matsunaga
José A. B. Fortes
Verlag: Springer New York
Buch: Secure Cloud Computing
Print ISBN: 978-1-4614-9277-1

Electronic ISBN: 978-1-4614-9278-8

Copyright-Jahr: 2014
DOI: https://doi.org/10.1007/978-1-4614-9278-8_4

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner