Trust Anchors in Software Defined Networks

06/19/2018
by Nicolae Paladi, et al.

Advances in software virtualization and network processing lead to increasing network softwarization. Software network elements running on commodity platforms replace or complement hardware components in cloud and mobile network infrastructure. However, such commodity platforms have a large attack surface and often lack granular control and tight integration of the underlying hardware and software stack. Often, software network elements are either themselves vulnerable to software attacks or can be compromised through the bloated trusted computing base. To address this, we protect the core security assets of network elements - authentication credentials and cryptographic context - by provisioning them to and maintaining them exclusively in isolated execution environments. We complement this with a secure and scalable mechanism to enroll network elements into software defined networks. Our evaluation results show a negligible impact on run-time performance and only a moderate performance impact at the deployment stage.
