“Common Criteria” and Software-Defined Network (SDN) Security

机译：“常见标准”和软件定义的网络（SDN）安全性

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

“Common criteria” (ISO 15408) is a universally recognized and broadly applicable approach to information security solutions management and evaluation. “Common criteria” leans on developing a shared conceptual basis for key security solution modules including protection profiles and security targets. Conceptual basis development implies defining the following elements: security objectives and assumptions (for the environment and the object), threats and security policies, as well as functional and assurance requirements. The specifics of SDN security solutions is largely driven by fundamental architectural principles of SDN technology itself-primarily by the separation of control and data flows, - and by conditions imposed by Open Flow protocol application. However, proactive (threats and policies), passive (objectives and assumptions) and reactive (requirements) aspects of security management remain highly relevant for this type of security solutions. This paper discusses the Common Criteria application specifics for assessing the of SDN security and practical MTUCI experience in the development of the protection profile. A new class of network attacks on SDN switches and controllers can involve either data or control components. In addition to traditional vulnerabilities, centralization of management functions paves way for new security threats by isolating controller's activity and administrative message exchange. Therefore, identifying and analyzing threats, policies and requirements specific to SDN control module security becomes an emergina priority.

机译：“常见标准”（ISO 15408）是一种普遍认可和广泛适用的信息安全解决方案管理和评估方法。 “常见标准”倾向于开发共享概念性的关键安全解决方案模块，包括保护配置文件和安全目标。概念基础发展暗示定义以下元素：安全目标和假设（用于环境和对象），威胁和安全策略以及功能和保证要求。 SDN安全解决方案的具体细节主要由SDN技术的基本架构原则自身的基本架构原则引发 - 主要通过控制和数据流的分离， - 通过开放流程协议应用所施加的条件。但是，安全管理的主动（威胁和政策），被动（目标和假设）和无功（要求）方面对这种类型的安全解决方案保持高度相关。本文讨论了评估保护概况中的SDN安全和实用MTUCI经验的常见标准应用细节。对SDN交换机和控制器的新类网络攻击可以涉及数据或控制组件。除了传统的漏洞外，管理功能的集中化还通过隔离控制器的活动和管理信息交换来为新的安全威胁铺平道路。因此，识别和分析特定于SDN控制模块安全性的威胁，政策和要求成为麦克风优先级。

著录项

来源
《International Scientific and Technical Conference Modern Computer Network Technologies》|2018年|168p|共6页
会议地点
作者
A. Mukhanov; A. Petukhov; P. Pilugin;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类 TP393-53;
关键词
Control systems; Protocols; Software; Firewalls (computing); Intrusion detection; Informatics;

机译：控制系统;协议;软件;防火墙（计算）;入侵检测;信息学;

相似文献

外文文献
中文文献
专利

1. SMSEI-SDN: A Suppression Method of Security Incident Impact for the Inter-Domain Routing System Based on Software-Defined Networking [J] . Huihu Zhu, Han Qiu, Junhu Zhu, Wireless communications & mobile computing . 2021,第a期

机译：SMSEI-SDN：基于软件定义网络的域间路由系统的安全事件影响的抑制方法
2. Software-Defined Networking (SDN): the security review [J] . A. Hussein, Louma Chadad, Nareg Adalian, Journal of Cyber Security Technology . 2020,第1期

机译：软件定义网络（SDN）：安全性审查
3. Improving Internet of Things (IoT) Security with Software-Defined Networking (SDN) [J] . Progress in Artificial Intelligence . 2020,第1期

机译：使用软件定义的网络（SDN）改进事物互联网（IOT）安全性
4. “Common Criteria” and Software-Defined Network (SDN) Security [C] . A. Mukhanov, A. Petukhov, P. Pilugin International Scientific and Technical Conference Modern Computer Network Technologies . 2018

机译：“通用标准”和软件定义网络（SDN）安全性
5. A Software-defined Networking (SDN) Assisted Middleware Interconnecting Supervisory Control and Data Acquisition (SCADA) Systems [D] . Liu, Beibei. 2018

机译：一个软件定义的网络（SDN）辅助中间件互连监控和数据采集（SCADA）系统
6. A Security Assessment Mechanism for Software-Defined Networking-Based Mobile Networks [O] . Shibo Luo, Mianxiong Dong, Kaoru Ota, 2015

机译：基于软件定义网络的移动网络的安全评估机制
7. Improving Internet of Things (IoT) Security with Software-Defined Networking (SDN) [O] . Abdullah Al Hayajneh, Md Zakirul Alam Bhuiyan, Ian McAndrew 2020

机译：使用软件定义的网络（SDN）改进事物（IOT）安全性

“Common Criteria” and Software-Defined Network (SDN) Security

摘要

著录项

相似文献

相关主题

期刊订阅