Assuring virtual network function image integrity and host sealing in Telco cloud

In Telco cloud environment, virtual network functions (VNFs) can be shipped in the form of virtual machine images and hosted over commodity hardware. It is likely that these VNF images will contain highly sensitive data and mission critical network operations. For this reason, these VNF images are prone to malicious tampering during shipping and even after uploaded to the cloud image database. Furthermore, due to various applications, there is a requirement from mobile network operators to seal VNFs on specific platforms which satisfy certain hardware and software configurations. This requires cloud service providers to introduce some mechanisms to verify VNF image integrity and host sealing before the instantiation of VNFs. In this paper, we present a proof of concept demonstrated with the help of an experimental setup to solve the above-mentioned problems. We also evaluate the performance of the envisioned setup and present some insights on its usability.

Shankar Lal, Sowmya Ravidas, Ian Oliver (Nokia Bell Labs), Tarik Taleb (Aalto Unversity): Assuring virtual network function image integrity and host sealing in Telco cloud

Presented at 2017 IEEE International Conference on Communications (ICC), Paris. 21-25 May 2017

http://ieeexplore.ieee.org/document/7997299/

Share on LinkedInGoogle+Tweet about this on TwitterShare on FacebookEmail to someone