TECHNOLOGIES FOR SECURE PERSONALIZATION OF A SECURITY MONITORING VIRTUAL NETWORK FUNCTION
First Claim
1. A security monitoring virtual network function (VNF) for performing security monitoring in a network functions virtualization (NFV) architecture, the security monitoring VNF comprising:
- one or more processors; and
one or more memory devices having stored therein a plurality of instructions that, when executed by the one or more processors, cause the security monitoring VNF to;
receive provisioning data from an NFV security services controller of the NFV architecture in network communication with the security monitoring VNF;
perform a mutually authenticated key exchange procedure with a VNF manager of the NFV architecture using at least a portion of the provisioning data to establish a secure communication path between the security monitoring VNF and the VNF manager;
receive personalization data from the VNF manager via the secure communication path, wherein the personalization data includes data usable to configure one or more security functions of the security monitoring VNF; and
perform a personalization operation to configure the security monitoring VNF based on the personalization data.
1 Assignment
0 Petitions
Accused Products
Abstract
Technologies for secure personalization of a security monitoring virtual network function (VNF) in a network functions virtualization (NFV) architecture include various security monitoring components, including a NFV security services controller, a VNF manager, and a security monitoring VNF. The security monitoring VNF is configured to receive provisioning data from the NFV security services controller and perform a mutually authenticated key exchange procedure using at least a portion of the provisioning data to establish a secure communication path between the security monitoring VNF and a VNF manager. The security monitoring VNF is further configured to receive personalization data from the VNF manager via the secure communication path and perform a personalization operation to configure one or more functions of the security monitoring VNF based on the personalization data. Other embodiments are described and claimed.
138 Citations
25 Claims
-
1. A security monitoring virtual network function (VNF) for performing security monitoring in a network functions virtualization (NFV) architecture, the security monitoring VNF comprising:
-
one or more processors; and one or more memory devices having stored therein a plurality of instructions that, when executed by the one or more processors, cause the security monitoring VNF to; receive provisioning data from an NFV security services controller of the NFV architecture in network communication with the security monitoring VNF; perform a mutually authenticated key exchange procedure with a VNF manager of the NFV architecture using at least a portion of the provisioning data to establish a secure communication path between the security monitoring VNF and the VNF manager; receive personalization data from the VNF manager via the secure communication path, wherein the personalization data includes data usable to configure one or more security functions of the security monitoring VNF; and perform a personalization operation to configure the security monitoring VNF based on the personalization data. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. One or more computer-readable storage media comprising a plurality of instructions stored thereon that in response to being executed cause a source endpoint node to:
-
receive provisioning data from an NFV security services controller of the NFV architecture in network communication with the security monitoring VNF; perform a mutually authenticated key exchange procedure with a VNF manager of the NFV architecture using at least a portion of the provisioning data to establish a secure communication path between the security monitoring VNF and the VNF manager; receive personalization data from the VNF manager via the secure communication path, wherein the personalization data includes data usable to configure one or more security functions of the security monitoring VNF; and perform a personalization operation to configure the security monitoring VNF based on the personalization data. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A method for secure personalization of a security monitoring virtual network function (VNF) in a network functions virtualization (NFV) architecture, the method comprising:
-
receiving, by the security monitoring VNF, provisioning data from an NFV security services controller of the NFV architecture in network communication with the security monitoring VNF; performing, by the security monitoring VNF, a mutually authenticated key exchange procedure with a VNF manager of the NFV architecture using at least a portion of the provisioning data to establish a secure communication path between the security monitoring VNF and the VNF manager; receiving, by the security monitoring VNF, personalization data from the VNF manager via the secure communication path, wherein the personalization data includes data usable to configure one or more security functions of the security monitoring VNF; and performing, by the security monitoring VNF, a personalization operation to configure the security monitoring VNF based on the personalization data. - View Dependent Claims (20, 21, 22, 23)
-
-
24. A security monitoring virtual network function (VNF) for performing security monitoring in a network functions virtualization (NFV) architecture, the security monitoring VNF comprising:
-
provisioning management circuitry to receive provisioning data from an NFV security services controller of the NFV architecture in network communication with the security monitoring VNF; means for performing a mutually authenticated key exchange procedure with a VNF manager of the NFV architecture using at least a portion of the provisioning data to establish a secure communication path between the security monitoring VNF and the VNF manager; personalization management circuitry to receive personalization data from the VNF manager via the secure communication path, wherein the personalization data includes data usable to configure one or more security functions of the security monitoring VNF; and means for performing, by the security monitoring VNF, a personalization operation to configure the security monitoring VNF based on the personalization data. - View Dependent Claims (25)
-
Specification