Integration of Zero Trust and Blockchain in SDN networks: An overview of threats and methods of their elimination
Oleksandr Pidpalyi, Oleksandr RomanovThe purpose of the study was to identify theoretically sound methods for integrating Zero Trust and blockchain concepts to improve the overall security of software-defined networks (SDN). The research was based on the development of a theoretical network model that includes an SDN controller, switches, routers, and hosts, which used virtualisation tools such as GNS3, VirtualBox, and Docker. The theoretical basis of the study covered the analysis of key threats, including DDoS attacks, routing manipulation, insider threats, attacks on the application programming interface (API), and specific vulnerabilities of blockchain consensus mechanisms. Simulation scenarios were developed to demonstrate the potential impact of these threats on the security and performance of SDN networks. Analysis of the results obtained theoretically confirmed that the use of Zero Trust policies significantly reduces the risks of insider attacks and improves the protection of the SDN controller due to the principles of constant access verification and micro-segmentation. Integration of blockchain technologies increases the reliability of routing and traffic management, preventing malicious interference in the network infrastructure. Theoretical methods for authentication and verification of requests using blockchain significantly improve the protection of APIs and interaction interfaces. In addition, hybrid consensus algorithms have shown the potential to improve network performance and ensure its resistance to attacks. The study highlighted the importance of integrating Zero Trust and blockchain as an effective solution for eliminating a wide range of threats in SDN networks. This opens up new prospects for the protection of telecommunications systems and lays the theoretical foundation for further research and improvement of security methods. The practical significance of the study is to develop specific recommendations for implementing a comprehensive SDN security system based on blockchain technologies and Zero Trust principles. The proposed solutions can be used both in the public sector to protect critical infrastructure and in the private sector to ensure the security of corporate networks
References
[1] Ahmadi, S. (2024). Zero trust architecture in cloud networks: Application, challenges and future opportunities. Journal of Engineering Research and Reports, 26(2), 215-228. doi: 10.9734/jerr/2024/v26i21083.
[2] Ajish, D. (2024). The significance of artificial intelligence in Zero Trust technologies: A comprehensive review. Journal of Electrical Systems and Information Technology, 11(1), article number 30. doi: 10.1186/s43067-024-00155-z.
[3] Alevizos, L., & Ta, V.T. (2024). Automated cybersecurity compliance and threat response using AI, blockchain & smart contracts. International Journal of Information Technology, 17, 767-781. doi: 10.1007/s41870-024-02324-9.
[4] Bassfar, Z., Sayeed, A., Bala, P., Alshehri, A., Alanazi, M., & Zubair, S. (2023). Toward secure and resilient networks: A Zero-Trust security framework with quantum fingerprinting for devices accessing network. Mathematics, 11(12), article number 2653. doi: 10.3390/math11122653.
[5] Bicer, C., Murturi, L., Donta, P.K., & Dustdar, S. (2023). Blockchain-based Zero Trust on the edge. ArXiv. doi: 10.48550/ arXiv.2311.16744.
[6] Bykonia, O., & Romanovska, N. (2024). Perspectives of the development of the information and communication technologies sector in Ukraine. Scientific Bulletin of International Association of Scientists. Series Economy Management Security Technologies, 3(1). doi.org/10.56197/2786-5827/2024-3-1-8.
[7] Cao, Y., Pokhrel, S.R., Zhu, Y., Doss, R., & Li, G. (2024). Automation and orchestration of Zero Trust architecture: Potential solutions and challenges. Machine Intelligence Research, 21(10), 294-317. doi: 10.1007/s11633-023-1456-2.
[8] Das, D., Banerjee, S., Dasgupta, K., Chatterjee, P., Ghosh, U., & Biswas, U. (2023). Blockchain enabled SDN framework for security management in 5G applications. In ICDCN 23: proceedings of the 24th international conference on distributed computing and networking (pp. 414-419). New York: Association for Computing Machinery. doi: 10.1145/3571306.3571445.
[9] Dhar, S., & Bose, I. (2020). Securing IoT devices using Zero Trust and blockchain. Journal of Organizational Computing and Electronic Commerce, 31(1), 18-34. doi: 10.1080/10919392.2020.1831870.
[10] Dhiman, P., Saini, N., Gulzar, Y., Turaev, S., Kaur, A., Nisa, K.U., & Hamid, Y. (2024). A review and comparative analysis of relevant approaches of Zero Trust network model. Sensors, 24(4), article number 1328. doi: 10.3390/s24041328.
[11] Fadhil, J.A., & Zeebaree, S.R. (2024). Blockchain for distributed systems security in cloud computing: A review of applications and challenges. Indonesian Journal of Computer Science, 13(2), 1576-1605. doi: 10.33022/ijcs.v13i2.3794.
[12] Feng, Y., Zhong, Z., Sun, X., Wang, L., Lu, Y., & Zhu, Y. (2023). Blockchain enabled Zero Trust based authentication scheme for railway communication networks. Journal of Cloud Computing, 12(1), article number 62. doi: 10.1186/ s13677-023-00411-z.
[13] Gai, K., She, Y., Zhu, L., Choo, K.W., & Wan, Z. (2022). A blockchain-based access control scheme for Zero Trust cross-organizational data sharing. ACM Transactions on Internet Technology, 23(3), article number 38. doi: 10.1145/3511899.
[14] Gai, K., Wu, L., Zhu, L., Zhang, Z., & Qiu, M. (2019). Differential privacy-based blockchain for industrial internet-of-things. IEEE Transactions on Industrial Informatics, 16(6), 4156-4165. doi: 10.1109/TII.2019.2948094.
[15] Ghasemshirazi, S., Shirvani, G., & Alipour, M.A. (2023). Zero Trust: Applications, challenges, and opportunities. ArXiv. doi: 10.48550/arXiv.2309.03582.
[16] Guo, X., Wang, C., Cao, L., Jiang, Y., & Yan, Y. (2022). A novel security mechanism for software defined network based on blockchain. Computer Science and Information Systems, 19(2), 523-545. doi: 10.2298/CSIS210222001G.
[17] Gupta, A., Gupta, R., Jadav, D., Tanwar, S., Kumar, N., & Shabaz, M. (2023). Proxy smart contracts for Zero Trust architecture implementation in Decentralized Oracle Networks based applications. Computer Communications, 206, 10-21. doi: 10.1016/j.comcom.2023.04.022.
[18] Kulkarni, A., Hazari, N.A., & Niamat, M.Y. (2024). A Zero Trust-based framework employing blockchain technology and ring oscillator physical unclonable functions for security of field programmable gate array supply chain. IEEE Access, 12, 89322-89338. doi: 10.1109/ACCESS.2024.3418572.
[19] Li, J., Lv, H., Lei, B., & Xie, Y. (2022). A consensus approach for SDN controllers based on blockchain. In CSSE ‘22: proceedings of the 5th international conference on computer science and software engineering (pp. 170-174). New York: Association for Computing Machinery. doi: 10.1145/3569966.3570015.
[20] Li, W., Meng, W., Liu, Z., & Au, M.-H. (2020). Towards blockchain-based software-defined networking: Security challenges and solutions. IEICE Transactions on Information and Systems, E103.D(2), 196-203. doi: 10.1587/ transinf.2019INI0002.
[21] Liu, Y., He, D., Obaidat, M.S., Kumar, N., Khan, M.K., & Choo, K.-K. (2020). Blockchain-based identity management systems: A review. Journal of Network and Computer Applications, 166, article number 102731. doi: 10.1016/j. jnca.2020.102731.
[22] Semenenko, O., Kirsanov, S., Movchan, A., Ihnatiev, M., & Dobrovolskyi, U. (2024). Impact of computer-integrated technologies on cybersecurity in the defence sector. Machinery & Energetics, 15(2), 118-129. https://doi.org/10.31548/ machinery/2.2024.118.
[23] Xu, Y., Ren, J., Wang, G., Zhang, C., Yang, J., & Zhang, Y. (2019). A blockchain-based nonrepudiation network computing service scheme for industrial IoT. IEEE Transactions on Industrial Informatics, 15(6), 3632-3641. doi: 10.1109/ TII.2019.2897133.
[24] Yan, X., & Wang, H. (2020). Survey on zero-trust network security. In X. Sun, J. Wang & E. Bertino (Eds.), Artificial intelligence and security (pp. 50-60). Singapore: Springer. doi: 10.1007/978-981-15-8083-3_5.
[25] Zheng, P., Jiang, Z., Wu, J., & Zheng, Z. (2023). Blockchain-based decentralized application: A survey. IEEE Open Journal of the Computer Society, 4, 121-133. doi: 10.1109/OJCS.2023.3251854.