Upload File

sdn security what’s done, what’s...

  • Home
  • Documents
  • SDN Security What’s done, what’s next?itc.committees.comsoc.org/files/2017/07/Scott-ITCMeeting-May2017.pdfSDN Security – What’s done, what’s next? ITC Meeting, Paris, May
13
SDN Security – What’s done, what’s next? ITC Meeting, Paris, May 2017 Sandra Scott-Hayward A Global Innovation Hub for Cyber Security

Upload: vuongnhan

Post on 17-May-2018

216 views

Category:

Documents


1 download

Report

TRANSCRIPT

Page 1: SDN Security What’s done, what’s next?itc.committees.comsoc.org/files/2017/07/Scott-ITCMeeting-May2017.pdfSDN Security – What’s done, what’s next? ITC Meeting, Paris, May

SDN Security – What’s done, what’s next? ITC Meeting, Paris, May 2017 Sandra Scott-Hayward

A Global Innovation Hub for Cyber Security

Page 2: SDN Security What’s done, what’s next?itc.committees.comsoc.org/files/2017/07/Scott-ITCMeeting-May2017.pdfSDN Security – What’s done, what’s next? ITC Meeting, Paris, May

A Global Innovation Hub for Cyber Security

Bio – Dr. Sandra Scott-Hayward, CEng CISSP CEH OCSA

Lecturer – Network Security, Queen’s University Belfast • Open Networking Foundation (ONF) Research Associate

• Vice-Chair, ONF Security WG

• Project Leader, OSSDN Project Delta

• MEF Research Associate

Page 3: SDN Security What’s done, what’s next?itc.committees.comsoc.org/files/2017/07/Scott-ITCMeeting-May2017.pdfSDN Security – What’s done, what’s next? ITC Meeting, Paris, May

A Global Innovation Hub for Cyber Security

Centre for Secure Information Technologies

Page 4: SDN Security What’s done, what’s next?itc.committees.comsoc.org/files/2017/07/Scott-ITCMeeting-May2017.pdfSDN Security – What’s done, what’s next? ITC Meeting, Paris, May

A Global Innovation Hub for Cyber Security

Solutions to Security Issues

S. Scott-Hayward, S. Natarajan, S. Sezer, ‘A Survey of Security in Software Defined Networks’, IEEE Communications Surveys & Tutorials, 2015.

Page 5: SDN Security What’s done, what’s next?itc.committees.comsoc.org/files/2017/07/Scott-ITCMeeting-May2017.pdfSDN Security – What’s done, what’s next? ITC Meeting, Paris, May

A Global Innovation Hub for Cyber Security

Categorization of Security Solutions

Page 6: SDN Security What’s done, what’s next?itc.committees.comsoc.org/files/2017/07/Scott-ITCMeeting-May2017.pdfSDN Security – What’s done, what’s next? ITC Meeting, Paris, May

A Global Innovation Hub for Cyber Security

Recommended Best Practices

Page 7: SDN Security What’s done, what’s next?itc.committees.comsoc.org/files/2017/07/Scott-ITCMeeting-May2017.pdfSDN Security – What’s done, what’s next? ITC Meeting, Paris, May

A Global Innovation Hub for Cyber Security

SDN Security Evolution

Page 8: SDN Security What’s done, what’s next?itc.committees.comsoc.org/files/2017/07/Scott-ITCMeeting-May2017.pdfSDN Security – What’s done, what’s next? ITC Meeting, Paris, May

A Global Innovation Hub for Cyber Security

ONF Security Working Group

Page 9: SDN Security What’s done, what’s next?itc.committees.comsoc.org/files/2017/07/Scott-ITCMeeting-May2017.pdfSDN Security – What’s done, what’s next? ITC Meeting, Paris, May

A Global Innovation Hub for Cyber Security

OSSDN Project Delta

Page 10: SDN Security What’s done, what’s next?itc.committees.comsoc.org/files/2017/07/Scott-ITCMeeting-May2017.pdfSDN Security – What’s done, what’s next? ITC Meeting, Paris, May

A Global Innovation Hub for Cyber Security

ETSI NFV Security Working Group Work Item Rapporteur Completed

SEC001 “NFV Security problem statement” Bob Briscoe, BT (Oct. 2014)

SEC002 “Openstack security” Huilan Lu, Alcatel-Lucent (Aug. 2015)

SEC003 “NFV Security and Trust Guidelines” Mike Bursell, Intel; Kurt Roemer, Citrix (Dec. 2014)

SEC004 “Lawful interception report” Scott Cadzow, Cadzow Limited (Sept. 2015)

SEC005 “Certificate management report” Marcus Wong, Huawei Early Draft (Sept. 2016)

SEC006 “Security & regulation report” Scott Cadzow, Cadzow Limited (Apr. 2016)

SEC007 “NFV attestation report” Diego Lopez, Telefonica Early Draft (May 2017)

SEC008 “Security monitoring report” Ashutosh Dutta, AT&T; Kapil Sood, Intel

SEC009 “Use cases for multi-layer host administration” Mike Bursell, Intel (Dec. 2015)

SEC010 “NFV retained data” Mark Shepherd, Tencastle (Apr. 2016)

SEC011 “Lawful interception architecture report” Alex Leadbeater, BT Early Draft (July 2016)

SEC012 “Architecture for sensitive components” Mike Bursell, Intel (Jan. 2017)

SEC013 “Security management & monitoring specification” Ashutosh Dutta, AT&T

SEC014 “MANO security specification” Pradheepkumar Singaravelu, NEC (Feb. 2017)

SEC015 “Security spec. for other MANO reference points” Pradheepkumar Singaravelu, NEC Start of Work (Oct. 2016)

SEC016 “Report on location, timestamping of VNFs” Pierre Courbon, Ministry of the Economy, France Early Draft (May 2017)

Page 11: SDN Security What’s done, what’s next?itc.committees.comsoc.org/files/2017/07/Scott-ITCMeeting-May2017.pdfSDN Security – What’s done, what’s next? ITC Meeting, Paris, May

A Global Innovation Hub for Cyber Security

… and now?

• ONF Northbound Interface (NBI) Security

• MEF LSO Security

• OSSDN Delta Project – ONOS Security

• Research …

Page 12: SDN Security What’s done, what’s next?itc.committees.comsoc.org/files/2017/07/Scott-ITCMeeting-May2017.pdfSDN Security – What’s done, what’s next? ITC Meeting, Paris, May

A Global Innovation Hub for Cyber Security

Links

CSIT SDN Security Research

http://www.qub.ac.uk/sites/CSIT/Research/ResearchGroups/NetworkSecuritySystems/SoftwareDefinedNetworkSecurity/

OSSDN Delta Project

http://opensourcesdn.org/projects/project-delta-sdn-security-evaluation-framework/

https://github.com/OpenNetworkingFoundation/delta

Open Networking Foundation Security Working Group. https://www.opennetworking.org/technical-communities/areas/services

ETSI ISG Network Functions Virtualization Security Expert Group http://www.etsi.org/technologies-clusters/technologies/nfv

http://www.qub.ac.uk/sites/CSIT/Research/ResearchGroups/NetworkSecuritySystems/SoftwareDefinedNetworkSecurity/
http://www.qub.ac.uk/sites/CSIT/Research/ResearchGroups/NetworkSecuritySystems/SoftwareDefinedNetworkSecurity/
http://opensourcesdn.org/projects/project-delta-sdn-security-evaluation-framework/
http://opensourcesdn.org/projects/project-delta-sdn-security-evaluation-framework/
http://opensourcesdn.org/projects/project-delta-sdn-security-evaluation-framework/
http://opensourcesdn.org/projects/project-delta-sdn-security-evaluation-framework/
http://opensourcesdn.org/projects/project-delta-sdn-security-evaluation-framework/
http://opensourcesdn.org/projects/project-delta-sdn-security-evaluation-framework/
http://opensourcesdn.org/projects/project-delta-sdn-security-evaluation-framework/
http://opensourcesdn.org/projects/project-delta-sdn-security-evaluation-framework/
http://opensourcesdn.org/projects/project-delta-sdn-security-evaluation-framework/
http://opensourcesdn.org/projects/project-delta-sdn-security-evaluation-framework/
http://opensourcesdn.org/projects/project-delta-sdn-security-evaluation-framework/
https://github.com/OpenNetworkingFoundation/delta
https://www.opennetworking.org/technical-communities/areas/services
https://www.opennetworking.org/technical-communities/areas/services
https://www.opennetworking.org/technical-communities/areas/services
http://www.etsi.org/technologies-clusters/technologies/nfv
http://www.etsi.org/technologies-clusters/technologies/nfv
http://www.etsi.org/technologies-clusters/technologies/nfv
http://www.etsi.org/technologies-clusters/technologies/nfv
http://www.etsi.org/technologies-clusters/technologies/nfv
Page 13: SDN Security What’s done, what’s next?itc.committees.comsoc.org/files/2017/07/Scott-ITCMeeting-May2017.pdfSDN Security – What’s done, what’s next? ITC Meeting, Paris, May

A Global Innovation Hub for Cyber Security

Thank You! Questions?

[email protected]


What’s to be done?

Machine development - results and plans – critical results , what’s to be done ?

ENGAGED JOURNALISM · 2019-02-01 · done. Engaged journalism that works with community members to identify and understand the roots of problems and what’s been done about them

What’s to be done?. Underlying social pathologies Inequality Democratic failings Neoliberalism

Agenda: What is Project Phoenix Objectives What’s been done Next steps Questions

What’s Wrong with Congress and What Should Be Done · PDF fileWhat’s Wrong with Congress and What Should Be Done ... twelve members of the Joint Select Committee on Deficit Reduction

When Match Fields Do Not Need to Match: Buffered Packet ...faculty.cs.tamu.edu/guofei/paper/BPHijack_NDSS20.pdfSDN, which allows a malicious application to hijack buffered packets

Performance Evaluation of Selective Flow Monitoring in the ...dl.ifip.org/db/conf/cnsm/cnsm2017/1570395498.pdfSDN-based networks is presented alongside the flow monitoring mechanisms

“Scott Christensen has done a splendid job of …...“Scott Christensen has done a splendid job of explaining what’s at stake in the debate over free will and presenting a compelling

Grade Retention: What’s the Prevailing Policy and …...A Center Policy & Practice Analysis Brief . . . Grade Retention: What’s the Prevailing Policy and What Needs to be Done?

Get more done with Windows 10 Mobile - Microsoft · PDF fileGet more done with Windows 10 Mobile What’s ... With new Windows 10 Mobile phones, ... reposition your keyboard by pressing

Http:// Steve George. Likelihood of flooding What has been done previously? Find your nearest decent tide- gauge (what’s happened

Mobile learning: What is it? What’s it look like? How’s it done?

Service Provisioning in SDN using a Legacy Network ...kth.diva-portal.org/smash/get/diva2:1087325/FULLTEXT02.pdfSDN, we introduce the concept of a legacy Network Management System

What’s being done to prevent damage to pipelines?

GDPR compliance made easier with The Sentry · The Sentry System from GDPR Sentry A simple, intuitive, ... at a glance. See what’s open and what’s still to be done. When you have

HIFI Pipeline Overview: What’s Done at Levels 1 and 2?

CEBAF Photoinjector: What’s new, what’s the same since HAPPEx 2004? What needs to be done? M. Poelker, HAPPEx collaboration meeting, Feb. 18, 2005

SDN-based Privacy Preserving Cross Domain Routingqian/papers/TDSC_Chen_2018.pdfSDN simplifies routing optimization in a single domain, privacy-preserving cross-domain routing optimization

CMAS special session Oct 13, 2010 Air pollution exposure estimation: 1.what’s been done? 2.what’s wrong with that? 3.what can be done? 4.how and what to

SDN-Enabled Carrier Ethernet Architecturesd2zmdbbm9feqrf.cloudfront.net/2016/eur/pdf/BRKSPG-2062.pdfSDN-Enabled Carrier Ethernet Architectures ... Alexander Preusche –Consulting

Health Literacy What’s Done and What’s Left to Do Paul D. Smith, MD, Associate Professor UW Department of Family Medicine [email protected]

WHAT’S HAPPENING - Dollywooddw.dollywood.com/enews/WHap/16/16Whap9.16.pdf · WHAT’S HAPPENING My Dollywood Family, Again, you all “done me proud”!! The lighting, construction,

SDN for Public Safety Networks - Inria6).pdfSDN for Public Safety Networks Michelle Wetterwald , ... forwarding devices, ... data plane is realized by a well-deÞned southbound application

What’s left to teach now that Wikipedia has done everyone’s homework?

June 2014 Marc-André LeBlanc What’s being done about lubricant safety?

Android Ecosystem and What’s Ne · Android NDK app Android manifest resource bundle Dalvik classes libraries & JNI Android: What’s Inside • This is mostly done by game developers

nrl.northumbria.ac.uknrl.northumbria.ac.uk/22235/...What's_been...come.docx  · Web viewAcademic research on crowdfunders: What’s been done and what’s to come? J.E.L. classification

WHAT’S BEEN DONE SO FAR: LIEN ORIGINS, PRINCIPLES AND PROPOSALS Theresa McClenaghan Counsel, Canadian Environmental Law Association March 31,

CELL BY DATE UPDATE 29.08.07 14:00. Presentation Outline CBD Background Project Approach What’s Done Lab Team Modelling Team Protocols Team What’s Next

What’s Left To Be Done? - Der Bayderbay.org/articles/2016/db26-1.pdf · What’s Left To Be Done? ... Robert Goldenberg, Sharon Love, Helen and Bob Smolkin, Roz Usiskin, and

SDN Malware: Problems of Current Protection Systems and ...cs.emis.de/LNI/Proceedings/Proceedings256/89.pdfSDN Malware: Problems of Current Protection Systems and Potential Countermeasures

What’s a Tree Done For You Lately? - Oregon State Universityowic.oregonstate.edu/sites/default/files/pubs/products_from_trees.pdf · What’s a Tree Done For You Lately? ... find

Agenda Background: “Beer from the Coast” Sustainability: Dilemma or Synergy? Our Approach – What we’ve done… – What’s still to do?

September 26th What’s Happening at Branch 96?...September 26th th-30 , 2016 What’s Happening at Branch 96? This is how it’s done! Boom! Kim Schneider and Jad Ryan getting some