Figure - uploaded by Hamza Mutaher
Content may be subject to copyright.
Source publication
Software Defined Networking (SDN) is being extensively adopted by researchers and enterprise networks due to its feature of decoupling data and control planes from network device which enables them to implement new networking ideas. Communication between data and control planes faces various security issues where many users in data plane approach c...
Citations
... The ZKP based authentication schemes are also implemented to secure the SDN controller during communication between the data and control planes. In [87], the authors utilize ZKP to authenticate user access to the SDN controller. The scheme ensures that user in authenticated without unveiling actual secrets or any other information. ...
... For example, Soewito et al. applied the ZKP in a wireless ad hoc network [1]. Alshameri et al. proposed an identification scheme based on ZKP for securing a software-defined network controller during the data and control plane communication [2]. Xi et al. built a mutual authentication system based on ZKP for the vehicle network [3]. ...
Zero-Knowledge Proof (ZKP) is a useful tools for proving that a prover possesses a secret without revealing it to the verifier. Designated Verifier Proof (DVP) is a special type of ZKP that adds the ability to restrict the identity of verifiers so that only pre-determined authorized verifiers can verify. However, DVP and other similar schemes do not work if the verifier provides some additional information to indicate the provenance of the proof. Since this information may be stored on the blockchain, the proof can be accepted by third parties even if the verifier is willing to protect the privacy of the prover. In this paper, we propose the concept of Blockchain Designated Verifier Proof (BDVP), and design a BDVP scheme suitable for blockchain applications. The key technique behind our BDVP scheme is that the verifier can forge a fake secret to simulate the proof. Therefore, a third party cannot determine whether the prover possesses the secret. This enables the verifier to protect the privacy of the prover, which is required by law or regulation. We also address the quantum attack problem and propose a post-quantum solution. We evaluate and compare the performances of the proposed protocol with other related protocols.
... Therefore, SDN conception addresses the controllability issue in DCNs by separating different networking stack components into three fundamentally layers: application plane, control plane, and data plane. SDN communications have two divisions crossed at the controller: Firstly, the transfer of information between application and control planes; Afterward, the management servers in the control plane require a pre-set up logic to send instructions to the data plane [4]. The Data plane contains the underlying networking devices like switches and routers to forward the commands. ...
Network virtualization (NV) has evolved systematically through the urge to share computing resources and improve service deployment in a large-scale environment. Virtual network embedding (VNE) is a well-established technology applied to reinforce the NV process, providing a devoted implementation for a particular case study. In cloud computing, integration of software-defined networking (SDN) has proved to be a practical support to the principal cloud utilities. In return, the SDN-enabled cloud offers innovative deployment techniques for network-based services, which increase the opportunity to efficiently incorporate new network management policies that solve the VNE problem. In this paper, the authors proposed a transition of modern portfolio theory (MPT) into a VNE approach that optimally addresses the selection and ranking of resources in data center networks (DCNs). Results analysis demonstrates the VNE approach's better performance versus similar methods in terms of acceptance ratio, runtime, and substrate resource utilization.
Network security is a significant area of focus for modern information technology research. Individuals and enterprises rely on networks to exchange, store, and process sensitive data. Software defined network (SDN) is a recent and emerging networking technology in various leading technological companies. The security of SDN has several aspects and categories. The control layer security is the essential layer of SDN architecture because it contains the controller device that rules the whole network. This paper investigates the security of the controller device in single and multiple scenarios. The attacks that threatened the controller and its countermeasures are addressed. The security issues of the multiple SDN controller are discussed along with their mitigating techniques. The security challenges and suggestions are provided to help further research and development in such a rapidly growing area.
