Implementing fault-tolerant services using the state machine approach: a tutorial
ACM Computing Surveys (CSUR)
Intrusion-Tolerant Middleware: The Road to Automatic Security
IEEE Security and Privacy
Design and implementation of a routing control platform
NSDI'05 Proceedings of the 2nd conference on Symposium on Networked Systems Design & Implementation - Volume 2
Low-overhead byzantine fault-tolerant storage
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
OpenFlow: enabling innovation in campus networks
ACM SIGCOMM Computer Communication Review
NOX: towards an operating system for networks
ACM SIGCOMM Computer Communication Review
Rethinking enterprise network control
IEEE/ACM Transactions on Networking (TON)
Automatically patching errors in deployed software
Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles
Highly Available Intrusion-Tolerant Services with Proactive-Reactive Recovery
IEEE Transactions on Parallel and Distributed Systems
EBAWA: Efficient Byzantine Agreement for Wide-Area Networks
HASE '10 Proceedings of the 2010 IEEE 12th International Symposium on High-Assurance Systems Engineering
Onix: a distributed control platform for large-scale production networks
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
Frenetic: a network programming language
Proceedings of the 16th ACM SIGPLAN international conference on Functional programming
Autonomic Trust Management for a Component-Based Software System
IEEE Transactions on Dependable and Secure Computing
CheapBFT: resource-efficient byzantine fault tolerance
Proceedings of the 7th ACM european conference on Computer Systems
The controller placement problem
Proceedings of the first workshop on Hot topics in software defined networks
Hey, you darned counters!: get off my ASIC!
Proceedings of the first workshop on Hot topics in software defined networks
VeriFlow: verifying network-wide invariants in real time
Proceedings of the first workshop on Hot topics in software defined networks
A security enforcement kernel for OpenFlow networks
Proceedings of the first workshop on Hot topics in software defined networks
Software diversity: security, entropy and game theory
HotSec'12 Proceedings of the 7th USENIX conference on Hot Topics in Security
The most dangerous code in the world: validating SSL certificates in non-browser software
Proceedings of the 2012 ACM conference on Computer and communications security
Efficient Byzantine Fault-Tolerance
IEEE Transactions on Computers
AVANT-GUARD: scalable and vigilant switch flow management in software-defined networks
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Hi-index | 0.00 |
Software-defined networking empowers network operators with more flexibility to program their networks. With SDN, network management moves from codifying functionality in terms of low-level device configurations to building software that facilitates network management and debugging. By separating the complexity of state distribution from network specification, SDN provides new ways to solve long-standing problems in networking --- routing, for instance --- while simultaneously allowing the use of security and dependability techniques, such as access control or multi-path. However, the security and dependability of the SDN itself is still an open issue. In this position paper we argue for the need to build secure and dependable SDNs by design. As a first step in this direction we describe several threat vectors that may enable the exploit of SDN vulnerabilities. We then sketch the design of a secure and dependable SDN control platform as a materialization of the concept here advocated. We hope that this paper will trigger discussions in the SDN community around these issues and serve as a catalyser to join efforts from the networking and security & dependability communities in the ultimate goal of building resilient control planes.