TCG based approach for secure management of virtualized platforms: state-of-the-art

There is a strong trend shift in the favor of adopting virtualization to get business benefits. The provisioning of virtualized enterprise resources is one kind of many possible scenarios. Where virtualization promises clear advantages it also poses new security challenges which need to be addressed to gain stakeholders confidence in the dynamics of new environment. One important facet of these challenges is establishing 'Trust' which is a basic primitive for any viable business model. The Trusted computing group (TCG) offers technologies and mechanisms required to establish this trust in the target platforms. Moreover, TCG technologies enable protecting of sensitive data in rest and transit. This report explores the applicability of relevant TCG concepts to virtualize enterprise resources securely for provisioning, establish trust in the target platforms and securely manage these virtualized Trusted Platforms

Experiences modelling and using object-oriented telecommunication service frameworks in SDL

This paper describes experiences in using SDL and its associated tools to create telecommunication services by producing and specialising object-oriented frameworks. The chosen approach recognises the need for the rapid creation of validated telecommunication services. It introduces two stages to service creation. Firstly a software expert produces a service framework, and secondly a telecommunications ‘business consultant' specialises the framework by means of graphical tools to rapidly produce services. Here the focus is given to the underlying technology required. In particular, the advantages and disadvantages of SDL and tools for this purpose are highlighted

Business-oriented development of telecommunication services

The development of software for distributed systems, e.g. telecommunication services, is a complex activity. Numerous issues have to be resolved when developing such systems, examples of which are language/system heterogeneity and remoteness of components. Interface definition languages (IDLs) are used as the basis for addressing some of these issues. IDLs allow for the specification of the syntactic aspects of the interfaces of the components in the system to be made. Whilst lending itself to issues of heterogeneity and location transparency, dealing with IDL as the basis for system development is not without its problems. Two of the main problems with IDL are its lack of behaviour and its lack of abstraction. Thus designers should not be constrained to work within the syntactic notations used to implement their systems, nor should they be unaided in how they might better design their systems. In this paper we show how these issues are being addressed in the TOSCA project in its development of a service creation and validation environment

Deploying Virtual Machines on Shared Platforms

In this report, we describe mechanisms for secure deployment of virtual machines on shared platforms looking into a telecommunication cloud use case, which is also presented in this report. The architecture we present focuses on the security requirements of the major stakeholders’ part of the scenario we present. This report comprehensively covers all major security aspects including different security mechanisms and protocols, leveraging existing standards and state-of-the art wherever applicable. In particular, our architecture uses TCG technologies for trust establishment in the deployment of operator virtual machines on shared resource platforms. We also propose a novel procedure for securely launching and cryptographically binding a virtual machine to a target platform thereby protecting the operator virtual machine and its related credentials

Can open-source projects (re-) shape the SDN/NFV-driven telecommunication market?

Telecom network operators face rapidly changing business needs. Due to their dependence on long product cycles they lack the ability to quickly respond to changing user demands. To spur innovation and stay competitive, network operators are investigating technological solutions with a proven track record in other application domains such as open source software projects. Open source software enables parties to learn, use, or contribute to technology from which they were previously excluded. OSS has reshaped many application areas including the landscape of operating systems and consumer software. The paradigmshift in telecommunication systems towards Software-Defined Networking introduces possibilities to benefit from open source projects. Implementing the control part of networks in software enables speedier adaption and innovation, and less dependencies on legacy protocols or algorithms hard-coded in the control part of network devices. The recently proposed concept of Network Function Virtualization pushes the softwarization of telecommunication functionalities even further down to the data plane. Within the NFV paradigm, functionality which was previously reserved for dedicated hardware implementations can now be implemented in software and deployed on generic Commercial Off-The Shelf (COTS) hardware. This paper provides an overview of existing open source initiatives for SDN/NFV-based network architectures, involving infrastructure to orchestration-related functionality. It situates them in a business process context and identifies the pros and cons for the market in general, as well as for individual actors