5G-PARTNER SICS presents its work on TruSDN: Bootstrapping Trust in Cloud Network Infrastructure at SecureComm 2016
Nicolae Paladi and Christian Gehrmann, SICS Swedish ICT, present their paper related to the “Bootstrapping Trust” enabler at the 12th EAI International Conference on Security and Privacy in Communication Networks, 10-12 October 2016 in Guangzhou, China.
Bootstrapping Trust in Cloud Network Infrastructure
Software-Defined Networking (SDN) is a novel architectural model for cloud network infrastructure, improving resource utilisation, scalability and administration. SDN deployments increasingly rely on virtual switches executing on commodity operating systems with large code bases, which are prime targets for adversaries attacking the network infrastructure. The authors describe the implementation and evaluation of TruSDN, a framework for bootstrapping trust in SDN infrastructure using Intel Software Guard Extensions (SGX), which makes it possible to deploy SDN components securely and to protect communication between network endpoints. The authors introduce ephemeral flow-specific pre-shared keys and propose a novel defence against cuckoo attacks on SGX enclaves. TruSDN is secure under a powerful adversary model, with a minor performance overhead.
Keywords: Software Defined Networking, trust, integrity, virtual switches
SecureComm 2016 Topics of interest
Research advances in ALL areas of secure communications and networking.
- Security & Privacy in Wired, Wireless, Mobile, Hybrid, Sensor, Ad Hoc networks
- Network Intrusion Detection and Prevention, Firewalls, Packet Filters
- Malware Analysis and Detection including Botnets, Trojans and APTs
- Web and Systems Security
- Distributed Denial of Service Attacks and Defences
- Communication Privacy and Anonymity
- Circumvention and Anti-Censorship Technologies
- Network and Internet Forensics Techniques
- Authentication Systems: Public Key Infrastructures, Key Management, Credential Management
- Secure Routing, Naming/Addressing, Network Management
- Security & Privacy in Pervasive and Ubiquitous Computing, e.g., RFIDs
- Security & Privacy in Peer-to-Peer and Overlay Networks
- Security & Privacy for Emerging Technologies: VoIP, Internet-of-Things, Social Networks
- Security & Isolation in Cloud, Data Centre and Software-Defined Network
SecureComm is endorsed by the European Alliance for Innovation, a leading community-based organisation devoted to advancing innovation in the field of ICT.
Programme, logistics and registration