TruSDN: Bootstrapping Trust in Cloud Network Infrastructure
RISE, Swedish ICT, SICS, Security Lab.
RISE, Swedish ICT, SICS, Security Lab.
Number of Authors: 2
2016 (English) Conference paper (Refereed)
Abstract [en]

Software-Defined Networking (SDN) is a novel architectural model for cloud network infrastructure, improving resource utilization, scalability and administration. SDN deployments increasingly rely on virtual switches executing on commodity operating systems with large code bases, which are prime targets for adversaries attacking the network infrastructure. We describe and implement TruSDN, a framework for bootstrapping trust in SDN infrastructure using Intel Software Guard Extensions (SGX), allowing SDN components to be deployed securely and communication between network endpoints to be protected. We introduce ephemeral flow-specific pre-shared keys and propose a novel defence against cuckoo attacks on SGX enclaves. TruSDN is secure under a powerful adversary model, with a minor performance overhead.

Place, publisher, year, edition, pages
2016, 10.
Keyword [en]
Software Defined Networking, trust, integrity, virtual switches
National Category
Computer and Information Science
URN: urn:nbn:se:ri:diva-20977
OAI: diva2:1041011
12th EAI International Conference on Security and Privacy in Communication Networks, OCTOBER 10–12, 2016, GUANGZHOU, PEOPLE'S REPUBLIC OF CHINA
Available from: 2016-10-31 Created: 2016-10-31 Last updated: 2017-01-04

Open Access in DiVA

fulltext (1120 kB), 50 downloads
File information
File name: FULLTEXT01.pdf
File size: 1120 kB
Checksum SHA-512
Type: fulltext
Mimetype: application/pdf
