Trust Anchors in Software Defined Networks
RISE - Research Institutes of Sweden, ICT, SICS. (Security) ORCID iD: 0000-0003-0132-857x
Lund University, Sweden.
KTH Royal Institute of Technology, Sweden.
2018 (English) In: Computer Security: 23rd European Symposium on Research in Computer Security, ESORICS 2018 Barcelona, Spain, September 3–7, 2018, Proceedings, Part II / [ed] Javier Lopez, Jianying Zhou, Miguel Soriano, Springer, 2018, Vol. 11099, p. 485-594. Conference paper, Published paper (Refereed)
Abstract [en]

Advances in software virtualization and network processing lead to increasing network softwarization. Software network elements running on commodity platforms replace or complement hardware components in cloud and mobile network infrastructure. However, such commodity platforms have a large attack surface and often lack granular control and tight integration of the underlying hardware and software stack. Often, software network elements are either themselves vulnerable to software attacks or can be compromised through the bloated trusted computing base. To address this, we protect the core security assets of network elements - authentication credentials and cryptographic context - by provisioning them to and maintaining them exclusively in isolated execution environments. We complement this with a secure and scalable mechanism to enroll network elements into software defined networks. Our evaluation results show a negligible impact on run-time performance and only a moderate performance impact at the deployment stage.

Place, publisher, year, edition, pages
Springer, 2018. Vol. 11099, p. 485-594
Keywords [en]
Software Defined Networking, Software Guard Extensions, Open vSwitch, Network Function Virtualization
National Category
Computer Systems
Identifiers
URN: urn:nbn:se:ri:diva-35117
DOI: 10.1007/978-3-319-98989-1_24
Scopus ID: 2-s2.0-85051855924
ISBN: 978-3-319-98988-4 (print)
OAI: oai:DiVA.org:ri-35117
DiVA, id: diva2:1245614
Conference
ESORICS
Funder
EU, European Research Council, 731574
Available from: 2018-09-05 Created: 2018-09-05 Last updated: 2019-01-10 Bibliographically approved

Open Access in DiVA

fulltext (364 kB), 523 downloads
File information
File name: FULLTEXT01.pdf
File size: 364 kB
Checksum (SHA-512): 2c28ea626b58a32d9ce2eadd53923fcd3ffb2c2f1473e75e560fd1439a3a823dfe685ce5e1e57d2c7da5db8de7f0f2ec43dea9982beeb8c10dc61930d211239c
Type: fulltext
Mimetype: application/pdf

Authority records

Paladi, Nicolae
