The fourth security mechanism centres around the principle of Dynamic Device Association. According to the research team, switches should be able to freely associate with multiple controllers in order to be able to tolerate faults and failures and to increase the overall robustness of the network. This approach, however, is largely covered with the introduction of Replication and Self-Healing Mechanisms and is thus a redundant proposal. A new aspect is the suggestion to provide switches with programmable multi-purpose CPUs or specialised attachable boxes. The purpose is to induce switch intelligence, capable of detecting malicious controllers and automatic control channel load-balancing. The team deems generic data plane intelligence helpful in the provision of security and fault-tolerance. [8]

The introduction of low-level configurable switch intelligence is a point of debate, as it could bring back complexity and security issues into the software-defined network. Reminiscent of the active networking project [28], programmable switches could be subject to new attack vectors, misconfiguration or software faults. Switching devices might need to be configured individually to function properly, leading to a step back in the OpenFlow paradigm. Additionally, the development of programmable switches or compatible dedicated devices has to rely on vendor acceptance, a hurdle which several network designs failed to overcome in the past [2] (see Section 2.3).

On the other hand, an emerging belief is that "a 'smart controller, dumb switch' model is too naïve" [118]. Switches might need to be customised in order to adapt to the new model and be capable of providing self-reports of the topology, black holes or critical nodes in the network. [119] Indeed, a considerable amount of measures and switch designs that address automated load-balancing and selective routing on the data plane has been published [12].