By extracting the control plane from the data plane, SDN enables unprecedented flexibility for future network architectures and quickly changes the landscape of the networking industry. Although the maturity of commonly accepted SDN security practices is the key to the proliferation of cloud DCN, SDN security research is still in its infancy. This paper gives a top⁃down survey of the approaches in this area, discussing security challenges and opportunities of software⁃defined datacenter networking for cloud computing. It leverages the well⁃known confidentiality⁃integrity⁃availability (CIA) matrix and protection⁃detection⁃reaction (PDR) model to give an overview of current security threats and security measures. It also discusses promising research directions in this field.
SDN security; cloud DCN; CIA; PDR