Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Component integrity guarantees in software-defined networking infrastructure
Stockholm University, Sweden.
RISE - Research Institutes of Sweden, ICT, SICS.ORCID iD: 0000-0003-0132-857x
2017 (English)In: 2017 IEEE Conference on Network Function Virtualization and Software Defined Networks, NFV-SDN 2017, Institute of Electrical and Electronics Engineers Inc. , 2017, p. 292-296Conference paper, Published paper (Refereed)
Abstract [en]

Operating system level virtualization containers are commonly used to deploy virtual network functions (VNFs) which access the centralized network controller in software-defined networking (SDN) infrastructure. While this allows flexible network configuration, it also increases the attack surface, as sensitive information is transmitted between the controller and the virtual network functions. In this work we propose a mechanism for bootstrapping secure communication between the SDN controller and deployed network applications. The proposed mechanism relies on platform integrity evaluation and execution isolation mechanisms, such as Linux Integrity Measurement Architecture and Intel Software Guard Extensions. To validate the feasibility of the proposed approach, we have implemented a proof of concept which was further tested and evaluated to assess its performance. The prototype can be seen as the first step into providing users with security guarantees regarding the integrity of components in the SDN infrastructure.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers Inc. , 2017. p. 292-296
Keywords [en]
Docker, IMA, NFV, SDN, Security, SGX, Computer operating systems, Controllers, Network security, Software defined networking, Transfer functions, Virtual reality, Virtualization, Centralized networks, Integrity measurement, Network applications, Platform integrity, Sensitive informations, Software defined networking (SDN), Network function virtualization
National Category
Engineering and Technology
Identifiers
URN: urn:nbn:se:ri:diva-38634DOI: 10.1109/NFV-SDN.2017.8169858Scopus ID: 2-s2.0-85043275103ISBN: 9781538632857 (print)OAI: oai:DiVA.org:ri-38634DiVA, id: diva2:1314773
Conference
2017 IEEE Conference on Network Function Virtualization and Software Defined Networks, NFV-SDN 2017, 6 November 2017 through 8 November 2017
Available from: 2019-05-09 Created: 2019-05-09 Last updated: 2019-05-09Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records BETA

Paladi, Nicolae

Search in DiVA

By author/editor
Paladi, Nicolae
By organisation
SICS
Engineering and Technology

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
v. 2.35.7