Software-Defined Networking: An Evolving Network Architecture—Programmability and Security Perspective
Table 1
SDN security scenario.
Possible security weak points
Reason to classify weak points
Flow table—data plane
The flow table in the forwarding devices, if compromised, will mislead the ingress and egress data flow in the network and could cause vital damage irrespective of how scalable, resilient, redundant, and efficient a network is.
Controller—control plane
The controller, as addressed earlier, being the central authority could cause a high impact over the flow of the network if compromised (in this case, we are discussing more focused on a single controller scenario; however, an SDN architecture could support distributed controllers within a network).
Applications—application plane
The applications which are customized for the network could lead to a devastating result if compromised.