“Common Criteria” and Software Defined Network Security

«Common criteria» (ISO 15408) is a universally recognized and broadly applicable approach to information security solutions management and evaluation. «Common criteria» leans on developing a shared conceptual basis for key security solution modules including protection profiles and security targets....

Bibliographic Details
Main Authors: Andrey N. Petukhov, Paul L. Pilyugin
Format: Article
Language: English
Published: Yaroslavl State University 2019-03-01
Series: Моделирование и анализ информационных систем
Subjects: security of software defined networks; general criteria; security profile
Online Access: https://www.mais-journal.ru/jour/article/view/1168
author Andrey N. Petukhov
Paul L. Pilyugin
collection DOAJ
description «Common criteria» (ISO 15408) is a universally recognized and broadly applicable approach to information security solutions management and evaluation. «Common criteria» leans on developing a shared conceptual basis for key security solution modules including protection profiles and security targets. Conceptual basis development implies defining the following elements: security objectives and assumptions (for the environment and the object), threats and security policies, as well as functional and assurance requirements. The specifics of SDN (software defined network) security solutions are largely driven by the fundamental architectural principles of SDN technology itself, primarily by the separation of control and data flows, and by the conditions imposed by the use of the OpenFlow protocol. However, proactive (threats and policies), passive (objectives and assumptions) and reactive (requirements) aspects of security management remain highly relevant for this type of security solution. This paper discusses the specifics of applying the Common Criteria to assessing SDN security and the practical experience of MTUCI (Moscow Technical University of Communications and Informatics) in developing the protection profile. A new class of network attacks on SDN switches and controllers can involve either data or control components. In addition to traditional vulnerabilities, centralization of management functions paves the way for new security threats by isolating controller activity and administrative message exchange. Therefore, identifying and analyzing threats, policies and requirements specific to SDN control module security becomes an emerging priority.
format Article
id doaj-art-fe697e7826c742fe808a247adbeeffce
institution Kabale University
issn 1818-1015
2313-5417
language English
publishDate 2019-03-01
publisher Yaroslavl State University
record_format Article
series Моделирование и анализ информационных систем
spelling doaj-art-fe697e7826c742fe808a247adbeeffce | 2025-08-20T03:37:50Z | eng | Yaroslavl State University | Моделирование и анализ информационных систем | 1818-1015 | 2313-5417 | 2019-03-01 | 26 | 1 | 134 | 145 | 10.18255/1818-1015-2019-1-134-145 | 899 | “Common Criteria” and Software Defined Network Security | Andrey N. Petukhov (0), Paul L. Pilyugin (1) | National Research University of Electronic Technology – MIET | Lomonosov Moscow State University | https://www.mais-journal.ru/jour/article/view/1168 | security of software defined networks | general criteria | security profile
title “Common Criteria” and Software Defined Network Security
topic security of software defined networks
general criteria
security profile
url https://www.mais-journal.ru/jour/article/view/1168