Securing Outsourced VNFs: Challenges, State of the Art, and Future Directions
Peer reviewed, Journal article
Accepted version
Åpne
Permanent lenke
https://hdl.handle.net/11250/2825530Utgivelsesdato
2020Metadata
Vis full innførselSamlinger
Sammendrag
It is becoming increasingly common for enterprises to outsource network functions to a third party provider such as a public cloud. Besides its well documented benefits in cost and flexibility, outsourcing also introduces security issues. Peeking into or modifying traffic destined to the cloud are not the only threats we have to deal with; it can also be desirable to protect VNF code, input policies, and states from a malicious cloud provider. In recent years several solutions have been proposed toward mitigating the threats of outsourcing VNFs, using either cryptographic or trusted hardware- based mechanisms (the latter typically applying SGX). In this article, we provide an overview of methods for protecting the security of outsourced network functions. We introduce the challenges and emerging requirements, analyze the state of the art, and identify the gaps between the requirements and existing solutions. Furthermore, we outline a potential way to fill these gaps in order to devise a more complete solution.