TruSDN: Bootstrapping Trust in Cloud Network Infrastructure
نویسندگان
چکیده
Software-Defined Networking (SDN) is a novel architectural model for cloud network infrastructure, improving resource utilization, scalability and administration. SDN deployments increasingly rely on virtual switches executing on commodity operating systems with large code bases, which are prime targets for adversaries attacking the network infrastructure. We describe and implement TruSDN, a framework for bootstrapping trust in SDN infrastructure using Intel Software Guard Extensions (SGX), allowing to securely deploy SDN components and protect communication between network endpoints. We introduce ephemeral flow-specific pre-shared keys and propose a novel defense against cuckoo attacks on SGX enclaves. TruSDN is secure under a powerful adversary model, with a minor performance overhead.
منابع مشابه
Bootstrapping trust in software defined networks
Software-Defined Networking (SDN) is a novel architectural model for cloud network infrastructure, improving resource utilization, scalability and administration. SDN deployments increasingly rely on virtual switches executing on commodity operating systems with large code bases, which are prime targets for adversaries attacking the network infrastructure. We describe and implement TruSDN, a fr...
متن کاملA survey on impact of cloud computing security challenges on NFV infrastructure and risks mitigation solutions
Increased broadband data rate for end users and the cost of resource provisioning to an agreed SLA in telecom service providers, are forcing operators in order to adhere to employment Virtual Network Functions (VNF) in an NFV solution. The newly 5G mobile telecom technology is also based on NFV and Software Define Network (SDN) which inherit opportunities and threats of such constructs. Thus a ...
متن کاملPrivate Virtual Infrastructure: A Model for Trustworthy Utility Cloud Computing UMBC Computer Science Technical Report Number TR-CS-10-04
Private Virtual Infrastructure is a security architecture for cloud computing which uses a new trust model to share the responsibility of security in cloud computing between the service provider and client, decreasing the risk exposure to both. Private Virtual Infrastructure is under control of the information owner while the cloud fabric is under control of the service provider. The Private Vi...
متن کاملTrusted Attributes Based Middleware for Cloud Trust Management and Cloud Service Matching
The lack of trust between the cloud users and providers has hampered the overall acceptance of clouds as outsourcing computing services. So the development of trust has awareness technology for cloud computing has become an important and urgent research direction. In this project, a middleware system has been proposed, that is built on trust key attributes of cloud services that will be used fo...
متن کاملA New Trusted and Collaborative Agent Based Approach for Ensuring Cloud Security
In order to determine the user’s trust is a growing concern for ensuring privacy and security in a cloud computing environment. In cloud, user’s data is stored in one or more remote server(s) which poses more security challenges for the system. One of the most important concerns is to protect user’s sensitive information from other users and hackers that may cause data leakage in cloud storage....
متن کامل