TruSDN: Bootstrapping Trust in Cloud Network Infrastructure

Software-Defined Networking (SDN) is a novel architectural model for cloud network infrastructure that improves resource utilization, scalability and administration. SDN deployments increasingly rely on virtual switches executing on commodity operating systems with large code bases, which are prime targets for adversaries attacking the network infrastructure. We describe and implement TruSDN, a framework for bootstrapping trust in SDN infrastructure using Intel Software Guard Extensions (SGX), which allows SDN components to be deployed securely and protects communication between network endpoints. We introduce ephemeral flow-specific pre-shared keys and propose a novel defense against cuckoo attacks on SGX enclaves. TruSDN is secure under a powerful adversary model, with a minor performance overhead.
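The abstract names ephemeral flow-specific pre-shared keys without describing how they are derived. The following is an added illustration of the general idea, not code from the paper or from TruSDN: it assumes that a controller and a switch enclave already share a session secret (for instance one established after remote attestation) and derives a distinct key for every flow from it with HKDF (RFC 5869, SHA-256), binding the key to the flow 5-tuple and to an epoch counter so that keys are flow-specific and short-lived. The flow label format, the epoch field and the salt string are assumptions chosen for the example.

```python
"""Added example: derive per-flow pre-shared keys from a shared session secret.

Not TruSDN's own code. Assumes both endpoints already hold `session_secret`
(e.g. agreed after attestation) and agree on the current epoch; every flow then
gets its own key without any further key exchange, and rotating the epoch
invalidates all previously derived flow keys at once.
"""
import hashlib
import hmac
import os

HASH = hashlib.sha256
HASH_LEN = HASH().digest_size  # 32 bytes for SHA-256


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """HKDF-Extract (RFC 5869 s2.2): PRK = HMAC(salt, IKM)."""
    if not salt:
        salt = b"\x00" * HASH_LEN
    return hmac.new(salt, ikm, HASH).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand (RFC 5869 s2.3): T(i) = HMAC(PRK, T(i-1) | info | i)."""
    if length > 255 * HASH_LEN:
        raise ValueError("requested key material too long for HKDF")
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        okm += block
        counter += 1
    return okm[:length]


def flow_label(proto: str, src_ip: str, src_port: int, dst_ip: str, dst_port: int) -> bytes:
    """Canonical, unambiguous encoding of the flow 5-tuple (format is an assumption)."""
    return f"{proto}|{src_ip}:{src_port}->{dst_ip}:{dst_port}".encode()


def derive_flow_psk(session_secret: bytes, epoch: int, flow: tuple, length: int = 32) -> bytes:
    """Derive an ephemeral PSK bound to (session secret, epoch, flow 5-tuple).

    The epoch goes into the HKDF salt, the flow identity into the HKDF info
    field, so changing either yields an unrelated key.
    """
    salt = b"example-flow-psk-v1|" + epoch.to_bytes(8, "big")
    prk = hkdf_extract(salt, session_secret)
    return hkdf_expand(prk, flow_label(*flow), length)


if __name__ == "__main__":
    # Constructed demo values: a fresh session secret and two sample flows.
    secret = os.urandom(32)
    flow_a = ("tcp", "10.0.0.1", 40000, "10.0.0.2", 443)
    flow_b = ("tcp", "10.0.0.1", 40001, "10.0.0.2", 443)
    k_a = derive_flow_psk(secret, epoch=1, flow=flow_a)
    k_b = derive_flow_psk(secret, epoch=1, flow=flow_b)
    k_a_next = derive_flow_psk(secret, epoch=2, flow=flow_a)
    print("flow A key :", k_a.hex())
    print("flow B key :", k_b.hex())
    print("flow A next:", k_a_next.hex())
    print("distinct per flow:", k_a != k_b, "| distinct per epoch:", k_a != k_a_next)
```

Both sides of a flow compute the same key because the derivation is deterministic in the shared inputs; a compromised flow key reveals nothing about other flows or about the session secret, since HKDF is one-way in its inputs.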
