**5. SDN security architecture**

The difference between a traditional network and SDN is it decouples the control and data plane which divides the network into a set of components and interfaces. This unique feature of SDN makes it different from the traditional network also makes it vulnerable in terms of security. The controller plane is the central part of SDN, an attack in the controller plane may collapse the whole network. There are a few vulnerable areas that SDN encounters due to its centralized control and open programmable interfaces. The attacks can target to different areas of SDN described below:

**Centralized Control:** The policies defined by the application layer are followed by the control layer where the failure of the controller eventually leads to failure of the application program which may, in turn, fail the overall system.

**Open programmable interfaces:** There are three basic programmable interfaces that make SDN programmable in comparison to the traditional network.

1.**Between Application Layer and Control Layer:** The application plane submits policies to the control plane. Any malicious action while submitting the policy may fail the original application program to execute. REST API is used which

*Lightweight Cryptographic Techniques in 5G Software-Defined Internet of Things Networking DOI: http://dx.doi.org/10.5772/intechopen.102984*

is a set of architectural constraints, not a protocol or standard, where it uses JSON, HTML, XLT, Python, or plain text. Since it is not a protocol like SOAP (Simple Object Access Protocol), rather a set of guidelines that can be implemented as per requirement, it takes less time to execute and is lightweight which is best for IoT networks.

