软件定义网络及安全防御技术研究
TP309; 软件定义网络(SDN,software-defined networking)将传统网络控制平面与转发平面分离,形成集中式的控制器,开放了网络编程接口,简化网络管理,促进网络创新,优化网络运行.然而,SDN的"三层两接口"架构增加了网络攻击表面,导致诸多新的安全问题.首先,介绍SDN发展、特点及其工作原理,继而从应用层、北向接口、控制层、南向接口、数据层等5个层次归纳存在的安全问题,分析产生的原因;其次,针对各类安全问题讨论最新研究进展及现有解决方案;最后,总结SDN当前和未来的安全挑战,并展望未来SDN安全发展方向....
Saved in:
| Published in | 通信学报 Vol. 38; no. 11; pp. 133 - 160 |
|---|---|
| Main Authors | , , |
| Format | Journal Article |
| Language | Chinese |
| Published |
国家数字交换系统工程技术研究中心,河南郑州,450003
2017
|
| Subjects | |
| Online Access | Get full text |
| ISSN | 1000-436X |
| DOI | 10.11959/j.issn.1000-436x.2017221 |
Cover
| Abstract | TP309; 软件定义网络(SDN,software-defined networking)将传统网络控制平面与转发平面分离,形成集中式的控制器,开放了网络编程接口,简化网络管理,促进网络创新,优化网络运行.然而,SDN的"三层两接口"架构增加了网络攻击表面,导致诸多新的安全问题.首先,介绍SDN发展、特点及其工作原理,继而从应用层、北向接口、控制层、南向接口、数据层等5个层次归纳存在的安全问题,分析产生的原因;其次,针对各类安全问题讨论最新研究进展及现有解决方案;最后,总结SDN当前和未来的安全挑战,并展望未来SDN安全发展方向. |
|---|---|
| AbstractList | TP309; 软件定义网络(SDN,software-defined networking)将传统网络控制平面与转发平面分离,形成集中式的控制器,开放了网络编程接口,简化网络管理,促进网络创新,优化网络运行.然而,SDN的"三层两接口"架构增加了网络攻击表面,导致诸多新的安全问题.首先,介绍SDN发展、特点及其工作原理,继而从应用层、北向接口、控制层、南向接口、数据层等5个层次归纳存在的安全问题,分析产生的原因;其次,针对各类安全问题讨论最新研究进展及现有解决方案;最后,总结SDN当前和未来的安全挑战,并展望未来SDN安全发展方向. |
| Abstract_FL | Software-defined network (SDN) separated the traditional control plane from the data plane, formed a centralized controller, opened up the network programming interface, simplified network management, promoted network innovation and optimized network operation. However, SDN's "three-layer two-interface" architecture increased the net-work attack surface, resulting in many new security issues. The development, characteristics and working principle of SDN were first introduced, and the existing security problems from the application layer, the northbound interface, the control plane, the southbound interface, the data plane were summarized respectively. Secondly, the latest research progress and existing solutions were discussed. Finally, SDN current and future security challenges were summarized, and the future SDN security development direction was looked forward to. |
| Author | 陈鸿昶 程国振 王涛 |
| AuthorAffiliation | 国家数字交换系统工程技术研究中心,河南郑州,450003 |
| AuthorAffiliation_xml | – name: 国家数字交换系统工程技术研究中心,河南郑州,450003 |
| Author_FL | WANG Tao CHENG Guo-zhen CHEN Hong-chang |
| Author_FL_xml | – sequence: 1 fullname: WANG Tao – sequence: 2 fullname: CHEN Hong-chang – sequence: 3 fullname: CHENG Guo-zhen |
| Author_xml | – sequence: 1 fullname: 王涛 – sequence: 2 fullname: 陈鸿昶 – sequence: 3 fullname: 程国振 |
| BookMark | eNrjYmDJy89LZWBQNDTQMzS0NLXUz9LLLC7O0zM0MDDQNTE2q9AzMjA0NzIyZGHghIlFcDDwFhdnJhmYGhqbmxkYG3Iy6L7Yu_7J7m1P1816srPz-d6Jz3fPedrf9XRd59PWFS9nbHq6b-GzroZnc9Y_XzDl-cptPAysaYk5xam8UJqbIcTNNcTZQ9fH393T2dFHN9nU3EQ3Kck8Kc0g2TLJ2MLIMDkpxRjoEgNTc2MjQ3NLQ8OkVNMUUwsj0yRLoAssDRONk0xNkywSDS1MjC1MUkyMDc2MuRlUIcaWJ-alJealx2fllxblAS2ML6moSAL5y9DQwNDEGABDSVaa |
| ClassificationCodes | TP309 |
| ContentType | Journal Article |
| Copyright | Copyright © Wanfang Data Co. Ltd. All Rights Reserved. |
| Copyright_xml | – notice: Copyright © Wanfang Data Co. Ltd. All Rights Reserved. |
| DBID | 2B. 4A8 92I 93N PSX TCJ |
| DOI | 10.11959/j.issn.1000-436x.2017221 |
| DatabaseName | Wanfang Data Journals - Hong Kong WANFANG Data Centre Wanfang Data Journals 万方数据期刊 - 香港版 China Online Journals (COJ) China Online Journals (COJ) |
| DatabaseTitleList | |
| DeliveryMethod | fulltext_linktorsrc |
| DocumentTitle_FL | Research on software-defined network and the security defense technology |
| EndPage | 160 |
| ExternalDocumentID | txxb201711014 |
| GrantInformation_xml | – fundername: 国家自然科学基金资助项目; 国家重点研发计划基金资助项目(No.2016YFB0800100,No.2016YFB0800101) The National Natural Science Foundation of China; The National Key Research and Development Program of China funderid: (61521003,61602509); (61521003,61602509); (2016YFB0800100,2016YFB0800101) |
| GroupedDBID | -0Y 2B. 4A8 92I 93N ALMA_UNASSIGNED_HOLDINGS CCEZO CUBFJ GROUPED_DOAJ PSX TCJ |
| ID | FETCH-LOGICAL-c574-bb7bf0c9b3821cbd32010573217911be5d5825b960391a3b55b8a184384d43163 |
| ISSN | 1000-436X |
| IngestDate | Thu May 29 04:00:48 EDT 2025 |
| IsPeerReviewed | false |
| IsScholarly | true |
| Issue | 11 |
| Keywords | SDN安全 network security OpenFlow 软件定义网络 SDN security SDN 网络安全 |
| Language | Chinese |
| LinkModel | OpenURL |
| MergedId | FETCHMERGED-LOGICAL-c574-bb7bf0c9b3821cbd32010573217911be5d5825b960391a3b55b8a184384d43163 |
| PageCount | 28 |
| ParticipantIDs | wanfang_journals_txxb201711014 |
| PublicationCentury | 2000 |
| PublicationDate | 2017 |
| PublicationDateYYYYMMDD | 2017-01-01 |
| PublicationDate_xml | – year: 2017 text: 2017 |
| PublicationDecade | 2010 |
| PublicationTitle | 通信学报 |
| PublicationTitle_FL | Journal on Communications |
| PublicationYear | 2017 |
| Publisher | 国家数字交换系统工程技术研究中心,河南郑州,450003 |
| Publisher_xml | – name: 国家数字交换系统工程技术研究中心,河南郑州,450003 |
| SSID | ssib051376031 ssj0002912165 ssib058759023 ssib001102965 ssib023646527 ssib023168036 ssib036439991 ssib050281523 ssib000968473 |
| Score | 2.1400132 |
| Snippet | TP309; 软件定义网络(SDN,software-defined networking)将传统网络控制平面与转发平面分离,形成集中式的控制器,开放了网络编程接口,简化网络管理,促进网络创新,优化网络运... |
| SourceID | wanfang |
| SourceType | Aggregation Database |
| StartPage | 133 |
| Title | 软件定义网络及安全防御技术研究 |
| URI | https://d.wanfangdata.com.cn/periodical/txxb201711014 |
| Volume | 38 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| journalDatabaseRights | – providerCode: PRVHPJ databaseName: ROAD: Directory of Open Access Scholarly Resources issn: 1000-436X databaseCode: M~E dateStart: 19800101 customDbUrl: isFulltext: true dateEnd: 99991231 titleUrlDefault: https://road.issn.org omitProxy: true ssIdentifier: ssib058759023 providerName: ISSN International Centre |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwnR1Na9RAdKgVxIsoKn6WCs4xNfOVzDsmNUsR9FSh4KHsJFk9raBbKD2IFw_tRQQPIj3oTS8teChIqb-m29V_4XuT2d34RdVLmMy8eZ9J5iV5bx5jN40tTaUqF9W4PkRag42cc3VUJ9Y5kTrd7LN9916ydF_fWTErMycetKKW1gZuodz4bV7J_1gV-9CulCX7D5adIMUObKN98YgWxuNf2ZgXlue3edbhheZ5zvOEF4ZnBYfM9wC3wIuUYED4Rs5hkWBsh9ssABMM9mDb8gI4IE5JPXnBM5yVEKSNqYFziVbKs5iD9g1Aom0HlzBQ8ETDQMdjQMzIZBJQZWZsZEJgkX5OI8g75NMR5AMReYZyS4iIvB0TC5ORYZpscCbJSPiJw_aXjCZl0191LUAvd-45AhQ0DjxC6rlGHrVHhlxLrzZFmgv663jdIHHTYuF4JXnMlqjQdFS_wqvbCy4JP1mgYQBoCESgAhStqqmehGqtH5Sor5UvzjhZYJRt30iitVyIZhOQ4HmIprLCr4saGPCrGpFYGJNYp7jEVDb55T_tGT5YX3c0KqgS8wl2UtLHKoprfVa0313RM2knVccSpr-8JVU0Q_dmep7oxMiJr6rIlYXpRksGHVX0BSf4jKBwq-kvZoMvxhAKVHk3SYKQwpd6nSjtFLsxlvfWn6T1yXX9Xrf_sOUHLp9lZ8IL3HzW3I3n2MzGo_Ms-nqwe7i_N9x5e_h5c3TwarS_PXy5NdzZHL748O3Np-GX90dbz4-2d0fvXo8-7l1gy51ieXEpCoVIotKkGh9eqevFJThlpShdpSiCxKRK0ta-wtWmMlYaBwlVW-gqZ4yzXaqjZHVFO02oi2y2_7hfX2LzSirtYltDjMqvq7JbQiVFL9VVWvXqWF5mc0G61fCcebr6gzGvHAdwlZ2mdvOV8BqbHTxZq6-j3zxwc97-3wHUBoib |
| linkProvider | ISSN International Centre |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=%E8%BD%AF%E4%BB%B6%E5%AE%9A%E4%B9%89%E7%BD%91%E7%BB%9C%E5%8F%8A%E5%AE%89%E5%85%A8%E9%98%B2%E5%BE%A1%E6%8A%80%E6%9C%AF%E7%A0%94%E7%A9%B6&rft.jtitle=%E9%80%9A%E4%BF%A1%E5%AD%A6%E6%8A%A5&rft.au=%E7%8E%8B%E6%B6%9B&rft.au=%E9%99%88%E9%B8%BF%E6%98%B6&rft.au=%E7%A8%8B%E5%9B%BD%E6%8C%AF&rft.date=2017&rft.pub=%E5%9B%BD%E5%AE%B6%E6%95%B0%E5%AD%97%E4%BA%A4%E6%8D%A2%E7%B3%BB%E7%BB%9F%E5%B7%A5%E7%A8%8B%E6%8A%80%E6%9C%AF%E7%A0%94%E7%A9%B6%E4%B8%AD%E5%BF%83%2C%E6%B2%B3%E5%8D%97%E9%83%91%E5%B7%9E%2C450003&rft.issn=1000-436X&rft.volume=38&rft.issue=11&rft.spage=133&rft.epage=160&rft_id=info:doi/10.11959%2Fj.issn.1000-436x.2017221&rft.externalDocID=txxb201711014 |
| thumbnail_s | http://utb.summon.serialssolutions.com/2.0.0/image/custom?url=http%3A%2F%2Fwww.wanfangdata.com.cn%2Fimages%2FPeriodicalImages%2Ftxxb%2Ftxxb.jpg |