{"title":"Assuring virtual network function image integrity and host sealing in Telco cloue","authors":"Shankar Lal, Sowmya Ravidas, Ian Oliver, T. Taleb","doi":"10.1109/ICC.2017.7997299","DOIUrl":null,"url":null,"abstract":"In Telco cloud environment, virtual network functions (VNFs) can be shipped in the form of virtual machine images and hosted over commodity hardware. It is likely that these VNF images will contain highly sensitive data and mission critical network operations. For this reason, these VNF images are prone to malicious tampering during shipping and even after uploaded to the cloud image database. Furthermore, due to various applications, there is a requirement from mobile network operators to seal VNFs on specific platforms which satisfy certain hardware and software configurations. This requires cloud service providers to introduce some mechanisms to verify VNF image integrity and host sealing before the instantiation of VNFs. In this paper, we present a proof of concept demonstrated with the help of an experimental setup to solve the above-mentioned problems. We also evaluate the performance of the envisioned setup and present some insights on its usability.","PeriodicalId":6517,"journal":{"name":"2017 IEEE International Conference on Communications (ICC)","volume":"6 1","pages":"1-6"},"PeriodicalIF":0.0000,"publicationDate":"2017-07-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"26","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 IEEE International Conference on Communications (ICC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICC.2017.7997299","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 26
Abstract
In Telco cloud environment, virtual network functions (VNFs) can be shipped in the form of virtual machine images and hosted over commodity hardware. It is likely that these VNF images will contain highly sensitive data and mission critical network operations. For this reason, these VNF images are prone to malicious tampering during shipping and even after uploaded to the cloud image database. Furthermore, due to various applications, there is a requirement from mobile network operators to seal VNFs on specific platforms which satisfy certain hardware and software configurations. This requires cloud service providers to introduce some mechanisms to verify VNF image integrity and host sealing before the instantiation of VNFs. In this paper, we present a proof of concept demonstrated with the help of an experimental setup to solve the above-mentioned problems. We also evaluate the performance of the envisioned setup and present some insights on its usability.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
