Network applications in an SDN environment operate without any threat prevention mechanism or access control to restrict which functions or operations they can execute within the network. This leaves room for malicious applications to launch attacks against the network or install exploits that can compromise the confidentiality, integrity or availability of network resources. To address this problem, this paper proposes a trust-based threat mitigation model that introduces a token-based authentication method, enabling the controller to verify and validate every network application that makes changes in the network. The paper also contributes an authorisation method, the Boolean Access Matrix, that constrains which operations, functions or privileges each network application can execute within the network. To assess the trustworthiness of network applications, a trust evaluation method based on Subjective Logic Reasoning, a belief learning model, is proposed. Results from tests and experiments show how scalable and efficient the proposed trust framework is.
Publication status: Published - 19 Dec 2019