Endre søk
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
Protecting OpenFlow Flow Tables with Intel SGX
RISE - Research Institutes of Sweden (2017-2019). Lund University, Sweden.ORCID-id: 0000-0003-0132-857x
2019 (engelsk)Konferansepaper, Oral presentation with published abstract (Annet vitenskapelig)
Abstract [en]

OpenFlow flow tables in Open vSwitch contain valuable information about installed flows, priorities, packet actions and routing policies. Their importance is emphasized when collocated tenants compete for the limited entries available to install flow rules. From a security point of view, OpenFlow flow tables are a valuable asset that requires both confidentiality and integrity guarantees. However, commodity software switch implementations - such as Open vSwitch - do not implement protection mechanisms capable to prevent attackers from either obtaining information about the installed flows or modifying the contents of flow tables. In this work, we adopt a radical approach to enabling OpenFlow flow table protection through decomposition. Based on a careful analysis of the architecture and implementation of Open vSwitch, we identify core assets requiring security guarantees, design an approach to isolating OpenFlow flow tables, and implement a prototype using Open vSwitch and Software Guard Extensions enclaves.

sted, utgiver, år, opplag, sider
Beijing, 2019.
Emneord [en]
Software Guard Extensions, Open vSwitch, Security, OpenFlow
HSV kategori
Identifikatorer
URN: urn:nbn:se:ri:diva-39319DOI: 10.1145/3342280.3342339Scopus ID: 2-s2.0-85071911713OAI: oai:DiVA.org:ri-39319DiVA, id: diva2:1334698
Konferanse
SIGCOMM Posters and Demos '19
Prosjekter
ASCLEPIOSCOLA
Forskningsfinansiär
EU, European Research Council, 826093Tilgjengelig fra: 2019-07-03 Laget: 2019-07-03 Sist oppdatert: 2020-02-07bibliografisk kontrollert

Open Access i DiVA

fulltext(369 kB)253 nedlastinger
Filinformasjon
Fil FULLTEXT01.pdfFilstørrelse 369 kBChecksum SHA-512
01eedfe96862f58ff86b06efa508bef504cdd05a2435eaeaae7ca97980aa205fbc2918e878168324d83aa914ceded21dada88642a0de4d2c21733b8f99571a48
Type fulltextMimetype application/pdf

Andre lenker

Forlagets fulltekstScopus

Søk i DiVA

Av forfatter/redaktør
Paladi, Nicolae
Av organisasjonen

Søk utenfor DiVA

GoogleGoogle Scholar
Totalt: 253 nedlastinger
Antall nedlastinger er summen av alle nedlastinger av alle fulltekster. Det kan for eksempel være tidligere versjoner som er ikke lenger tilgjengelige

doi
urn-nbn

Altmetric

doi
urn-nbn
Totalt: 116 treff
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
v. 2.45.0