An enhanced security framework of software defined network based on attribute-based encryption

With the development of the information and communications technology, new network architecture and applications keep emerging promoted by cloud computing, big data, virtualization technology, etc. As a novel network architecture, Software Defined Network (SDN) realizes separation of the control plane and the data plane, thus controlling hardware by a software platform which is known as the central controller. Through that method SDN realizes the flexible deployment of network resources. In the process of the development and application of SDN, its open architecture has exposed more and more security problem, which triggers a critical focus on how to build a secure SDN. Based on the hierarchical SDN architecture and characteristics, this paper analyzes the security threats that SDN may face in the application layer, the control layer, the resource layer and the interface layer. In order to solve those security threats, the paper presents an SDN security architecture which can provide corresponding defense ability. The paper also puts forward an enhanced access control strategy adopting an attribute-based encryption method in the SDN security architecture.