信息网络安全 ›› 2014, Vol. 14 ›› Issue (9): 34-38.doi: 10.3969/j.issn.1671-1122.2014.09.008

• Orginal Article • Previous Articles     Next Articles

Design of Secure SDN Controller Architecture

XUE Cong1, 2, 3, MA Cun-qing1, 2, LIU Zong-bin1, 2, ZHANG Qing-long1, 2, 3   

  1. 1.Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China;
    2. State Key Laboratory of Information Security, Beijing 100093, China;
    3. University of Chinese Academy of Sciences, Beijing 100049, China
  • Received:2014-08-06 Online:2014-09-01

Abstract: Controller is the core of Software Defined Network, and its security is crucial for SDN maintenance. Based on open source SDN controller architectures, we analyze its security issues of network information protection, application management and module processing under different control patterns, and further propose a secure SDN controller architecture, which integrates shared network information base, collision detection, intrusion tolerance module etc. This design can solve single controller invalidation and logic inconsistency and improve the robustness of SDN.

Key words: SDN, controller security, security analysis, architecture design