Abstract
In Telco cloud environment, virtual network func-
tions (VNFs) can be shipped in the form of virtual machine
images and hosted over commodity hardware. It is likely that
these VNF images will contain highly sensitive data and mission
critical network operations. For this reason, these VNF images
are prone to malicious tampering during shipping and even
after uploaded to the cloud image database. Furthermore, due to
various applications, there is a requirement from mobile network
operators to seal VNFs on specific platforms which satisfy
certain hardware and software configurations. This requires
cloud service providers to introduce some mechanisms to verify
VNF image integrity and host sealing before the instantiation of
VNFs. In this paper, we present a proof of concept demonstrated
with the help of an experimental setup to solve the above-
mentioned problems. We also evaluate the performance of the
envisioned setup and present some insights on its usability.
tions (VNFs) can be shipped in the form of virtual machine
images and hosted over commodity hardware. It is likely that
these VNF images will contain highly sensitive data and mission
critical network operations. For this reason, these VNF images
are prone to malicious tampering during shipping and even
after uploaded to the cloud image database. Furthermore, due to
various applications, there is a requirement from mobile network
operators to seal VNFs on specific platforms which satisfy
certain hardware and software configurations. This requires
cloud service providers to introduce some mechanisms to verify
VNF image integrity and host sealing before the instantiation of
VNFs. In this paper, we present a proof of concept demonstrated
with the help of an experimental setup to solve the above-
mentioned problems. We also evaluate the performance of the
envisioned setup and present some insights on its usability.
Original language | English |
---|---|
Pages | 1-6 |
Publication status | Published - May 2017 |