Popis: |
Today's data networks are steadily growing in size and complexity. Especially in enterprise networks, these development lead to the requirement of a central network administration. With Software Defined Networking (SDN), this requirement can be fulfilled. However, new security considerations such as the protection of the central component must be taken into account. Motivated by the new security requirements that security should play a key role in SDN architectures. This paper chooses some architectures, namely, the Path Computation Element (PCE), 4D, and the Secure Architecture for the Networked Enterprise (SANE). These architectures are analyzed with respect to its security capabilities using Microsoft's threat modeling technique, STRIDE. The analysis shows that architectures such as PCE and 4D are vulnerable to tampering and information disclosure as well as Denial of Service attacks. The detected threats can be mitigated by using standard technologies such as TLS and IPsec for securing the communication between interactors. |