Popis: |
Software Defined Networking (SDN) is a novel approach to allow configuration of networks in real time and a centralized manner. Likewise to legacy network architectures, security mechanisms are used to protect the network and the end-hosts within the network against attacks. While the properties of SDN allow to implement sophisticated security mechanism as extension of the centralized controllers, they also make the controllers and any extensions of its functionality a valuable target for attackers. This motivates to analyze the security of security applications for SDN. In this paper, two security applications namely, OpenFlow-Random Host Mutation and Resonance, are analyzed using STRIDE. It is shown that most threats for the two security applications can be mitigated by using existing security mechanisms. Furthermore, general suggestions that should be considered when designing security applications for SDN are derived. |