Building Blocks Towards a Trustworthy NFV Infrastructure



Similar documents
A Virtualized Linux Integrity Subsystem for Trusted Cloud Computing

How to Secure Infrastructure Clouds with Trusted Computing Technologies

Lecture Embedded System Security Dynamic Root of Trust and Trusted Execution

Uni-directional Trusted Path: Transaction Confirmation on Just One Device

Index. BIOS rootkit, 119 Broad network access, 107

SDN software switch Lagopus and NFV enabled software node

Start building a trusted environment now... (before it s too late) IT Decision Makers

Embedded Trusted Computing on ARM-based systems

Can PCI DSS Compliance Be Achieved in a Cloud Environment?

Secure Data Management in Trusted Computing

Technical Brief Distributed Trusted Computing

SOFTWARE ASSET MANAGEMENT Continuous Monitoring. September 16, 2013

Control your corner of the cloud.

A Perspective on the Evolution of Mobile Platform Security Architectures

Patterns for Secure Boot and Secure Storage in Computer Systems

TNC: Open Standards for Network Security Automation. Copyright 2010 Trusted Computing Group

THE REVOLUTION TOWARDS SOFTWARE- DEFINED NETWORKING

Trusted Geolocation in The Cloud Technical Demonstration

Palo Alto Networks. Security Models in the Software Defined Data Center

Virtualization, SDN and NFV

HW (Fat001) TPM. Figure 1. Computing Node

Using the TPM to Solve Today s Most Urgent Cybersecurity Problems

On the security of Virtual Machine migration and related topics

Software Defined Networking and Network Virtualization

Trusted Virtual Datacenter Radically simplified security management

TNC is an open architecture for network access control. If you re not sure what NAC is, we ll cover that in a second. For now, the main point here is

Acronym Term Description

VNF & Performance: A practical approach

SOFTWARE DEFINED NETWORKING

CS 356 Lecture 25 and 26 Operating System Security. Spring 2013

Mobile Platform Security Architectures A perspective on their evolution

Networking for Caribbean Development

Developing High-Performance, Flexible SDN & NFV Solutions with Intel Open Network Platform Server Reference Architecture

vtpm: Virtualizing the Trusted Platform Module

NETWORK ACCESS CONTROL AND CLOUD SECURITY. Tran Song Dat Phuc SeoulTech 2015

Intel s Virtualization Extensions (VT-x) So you want to build a hypervisor?

Firewalls. Ola Flygt Växjö University, Sweden Firewall Design Principles

Building the Internet of Things Jim Green - CTO, Data & Analytics Business Group, Cisco Systems

Software-Defined Network (SDN) & Network Function Virtualization (NFV) Po-Ching Lin Dept. CSIE, National Chung Cheng University

A M D DA S 1. 0 For the Manageability, Virtualization and Security of Embedded Solutions

CycurHSM An Automotive-qualified Software Stack for Hardware Security Modules

New Security Perspective for Virtualized Platforms

Oracle Solaris: Aktueller Stand und Ausblick

Software Defined Networking and Network Virtualization

Lecture 7: Privacy and Security in Mobile Computing. Cristian Borcea Department of Computer Science NJIT

Digital Rights Management Demonstrator

Management and Orchestration of Virtualized Network Functions

Whitepaper Enhancing BitLocker Deployment and Management with SimplySecure. Addressing the Concerns of the IT Professional Rob Weber February 2015

Trusted Virtual Machine Management for Virtualization in Critical Environments

COMPUTING. Centellis Virtualization Platform An open hardware and software platform for implementing virtualized applications

Embedding Trust into Cars Secure Software Delivery and Installation

PLUMgrid Toolbox: Tools to Install, Operate and Monitor Your Virtual Network Infrastructure

Nokia Networks. Nokia Networks. telco cloud is on the brink of live deployment

HAWAII TECH TALK SDN. Paul Deakin Field Systems Engineer

OPNFV Summit 2015 Presentation. Coexistence of Commercial Solutions with OpenSource OPNFV Platform

Secure Networks for Process Control

Cloud Security Overview

SPACK FIREWALL RESTRICTION WITH SECURITY IN CLOUD OVER THE VIRTUAL ENVIRONMENT

Understanding the Business Case of Network Function Virtualization

A Look at the New Converged Data Center

Virtualized Network Services SDN solution for enterprises

Security Overview of the Integrity Virtual Machines Architecture

William Hery Research Professor, Computer Science and Engineering NYU-Poly

Oracle Solaris Security: Mitigate Risk by Isolating Users, Applications, and Data

WIND RIVER SECURE ANDROID CAPABILITY

TNC Endpoint Compliance and Network Access Control Profiles

Virtual Hosting & Virtual Machines

UNCLASSIFIED Version 1.0 May 2012

Set Up a VM-Series NSX Edition Firewall

Windows Server Virtualization & The Windows Hypervisor

OPENFLOW, SDN, OPEN SOURCE AND BARE METAL SWITCHES. Guido Appenzeller (Not representing Anyone)

Virtualized Network Services SDN solution for service providers

Property Based TPM Virtualization

Vidder PrecisionAccess

Designing Virtual Network Security Architectures Dave Shackleford

Software Defined Networking (SDN) Software Defined Security

Linux Server Support by Applied Technology Research Center. Proxy Server Configuration

Intel Software Guard Extensions(Intel SGX) Carlos Rozas Intel Labs November 6, 2013

Virtual Switching Without a Hypervisor for a More Secure Cloud

Security Issues in Cloud Computing

A Coordinated. Enterprise Networks Software Defined. and Application Fluent Programmable Networks

RPM Brotherhood: KVM VIRTUALIZATION TECHNOLOGY

Brocade SDN/OpenFlow. Norival Figueira Office of the CTO. January 9, /2015 BROCADE COMMUNICATIONS SYSTEMS, INC. ALL RIGHTS RESERVED.

Cloud Orchestration. Mario Cho. Open Frontier Lab.

Network Access Control (NAC) and Network Security Standards

Transcription:

Building Blocks Towards a Trustworthy NFV Infrastructure IRTF NFVRG Adrian L. Shaw <adrian.shaw@hp.com> Hewlett-Packard Laboratories / July 22 nd, 2015 1

Why security and trust? Big requirement for critical infrastructures Security is not just about ACLs and crypto Workflows and service lifecycles Need for continual compliance monitoring Quick remediation Assurance requires strong visibility and infrastructure transparency

Where were we before? Cloud General purpose Difficult to generally automate Compute and storage centric Administrators Multiple owners and tenants NFV Very specific purpose Controlled software Focused orchestration I/O centric Operator + some customers Generally broad and difficult Opportunity for focused security

Trusted Computing and Remote Attestation Trusted computing: checking if platform executes expected SW Enforced through a component isolated from the software Measurement log signed by secure identity and verified remotely Remote verifier must have measurements of all expected software and configurations Different roots of trust: Measurement, storage, recovery, etc General requirement for a root of trust: Secure storage Protected memory Shielded execution Cryptographic engine

Hardware-based Roots of Trust Minimum piece to be trusted in order to achieve security property Why hardware? Identity in hardware helps prevent ID forgery and SW-based attacks Small functionality and immutability give high assurance A small chip is often more reliable than someone else s Python script Bind identity to platform Standards Trusted Platform Module (TPM) and Trusted Computing Group (TCG) Other HW roots of trust: Intel TXT, AMD SVM, ARM TrustZone + PUFs Provisioning & authentication: IEEE 802.1AR Secure Device Identity

Building blocks Platform boot time integrity Verified boot only allow signed software components Trusted boot reports the version of each software in boot chain Load time inspection Linux IMA measure each program and report to TPM before executing Measures high integrity files e.g. readable by root user Linux EVM measures integrity of file-system permissions Network integrity Bind platform certificates to root of trust Configuration measurement (e.g. SDN VLANs, MACSEC context)

IMA: Host-level attestation Measures and reports to the TPM every time the kernel loads: Executable programs Shared libraries Files readable by high integrity (e.g. Root user) Flexible appraisal strategy SHA-1/SHA-256 measurements Signature-based verification Overheads Speed of verification Integrity report size: Virtualized security at the network edge Montero et al

Trusted channel establishment 8: evaluate measurements -> 4: request integrity and verify cert <- 9: verification result Trusted Third Party OpenAttestation -> 5: request integrity report <- 7: send integrity report Host1 strongswan (initiator) 1: start trusted channel -> 2: start handshake <- 3: get cert 10: if verification is ok: establish channel 0: measure hw/sw components during the boot Host2 strongswan (responder) MEAS. MODULE (IMA) TPM RA AGENT 6: retrieve measurements and create TPM quote 11: exchange data PSCM privileged OS hypervisor hardware

Compliance monitoring of SDN Control plane not visualised Dataplane Monitoring plane Outboun d traffic Inbound traffic VMM Hardware Switch vswitch TrustedFW SDN controller VMM Hardware Switch TrustedFW Sync vswitch Attest switch configurations SDN verifier

Remote Attestation of a Network Element SDN controller SDN contex t SDN switch Network Element Introspect Measure Sync RTR Get SDN conf. Report RA agent Get RA proof SDN verifier Store Trusted RTM Device Trusted Computing Base (TCB)

SDN attestation report Attestation requests context TCB includes reporting agent Report covers Header matches for L1, L2, L3, L4 Action Priority Surrounding DP configuration Report signed by the TPM Prototyped on HW SNMP-based, thinking of appropriate monitoring protocol Digest: 9335860991caa2c169732facea5704624ea8a311 Digest: b6a716e7f86fc2489800d99e805bb2e712ed6def TPM sign operation

Compliance monitoring for NFV Compute verifier Outbound traffic NFV software stack OSS/BSS Inbound traffic VMM vswitch Hardware Switch TrustedFW manager NFV orchestrator VIM SDN controller VMM vswitch Hardware Switch TrustedFW Attest switch configurations Errors Sync SDN verifier

Takeaways Great opportunity for TC to work for NFV Operator more likely to know expected software images and configurations Different building blocks can be applied for varying levels of integrity Ethemeral configurations (e.g. SDN) need monitoring Data plane security alert on unauthorised change Other needs: Control plane security separation of concerns between SDN applications Stateless infrastructure deployment Better for attestation of compute nodes without too many ringing alarm bells

Thank you adrian.shaw@hp.com 14

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information