Trust Anchors in Software Defined Networks

  • Nicolae Paladi
  • Linus Karlsson
  • Khalid Elbashir
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11099)

Abstract

Advances in software virtualization and network processing lead to increasing network softwarization. Software network elements running on commodity platforms replace or complement hardware components in cloud and mobile network infrastructure. However, such commodity platforms have a large attack surface and often lack granular control and tight integration of the underlying hardware and software stack. Often, software network elements are either themselves vulnerable to software attacks or can be compromised through the bloated trusted computing base. To address this, we protect the core security assets of network elements - authentication credentials and cryptographic context - by provisioning them to and maintaining them exclusively in isolated execution environments. We complement this with a secure and scalable mechanism to enroll network elements into software defined networks. Our evaluation results show a negligible impact on run-time performance and only a moderate performance impact at the deployment stage.

Notes

Acknowledgements

This research was conducted within the 5G-ENSURE and COLA projects and received funding from the European Union’s Horizon 2020 research and innovation programme, under grant agreements No. 671562 and 731574.

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  • Nicolae Paladi, RISE SICS, Kista, Sweden
  • Linus Karlsson, Lund University, Lund, Sweden
  • Khalid Elbashir, KTH - Royal Institute of Technology, Stockholm, Sweden