Trusted signaling in 3GPP interfaces in a network function virtualization wireless communication system
Abstract
A method for providing a trusted communication link in a wireless network. A mobility management entity (MME) interface of a MME virtualized network function (VNF) receives a trusted communication request. A MME interface trustlet is allocated to execute in a trusted security zone of compute resources provided by a virtual computing environment in which the MME VNF executes. The MME interface trustlet establishes trusted signaling with two or more different VNFs provided by virtual servers executing in the virtual computing environment. The MME interface trustlet sends a trust token to the eNB to establish the trusted communication link from the eNB via a virtualized network function path through the virtual computing environment.
20 Claims
1. A method of wireless communication enabled by hardware assisted security, comprising:
- receiving a trusted communication request from an enhanced node B (eNB) by a serving gateway interface application, where the serving gateway interface application is part of a serving gateway virtualized network function provided by a virtual server executing in a virtual computing environment;
- determining by a security monitor module of the serving gateway virtualized network function that a trusted communication request has been received, where the security monitor module executes in a trusted security zone of compute resources provided by the virtual computing environment and wherein the trusted security zone provides hardware assisted security;
- allocating a serving gateway interface trustlet by the security monitor module to handle the trusted communication request of the eNB, where the serving gateway interface trustlet executes in the trusted security zone, is associated with the serving gateway interface application, and is part of the serving gateway virtualized network function;
- establishing trusted signaling by the serving gateway interface trustlet with two or more mobility management entity (MME), home subscriber server (HSS), policy and charging rules function (PCRF) server virtualized network functions provided by virtual servers executing in the virtual computing environment; and
- sending a trust token by the serving gateway interface trustlet to the eNB, whereby a trusted communication link from the eNB is established via a virtualized network function path through the virtual computing environment.

Dependent claims: 2, 3, 4, 5, 6, 7

8. A method of wireless communication enabled by hardware assisted security, comprising:
- receiving a trusted communication request from an enhanced node B (eNB) by a mobility management entity (MME) interface application, where the MME interface application is part of an MME virtualized network function provided by a virtual server executing in a virtual computing environment;
- allocating an MME interface trustlet to the eNB that requested the trusted communication, where the MME interface trustlet executes in a trusted security zone of compute resources provided by the virtual computing environment, is associated with the MME interface application, and is part of the MME virtualized network function;
- establishing trusted signaling by the MME interface trustlet with two or more serving gateway, home subscriber server (HSS), policy and charging rules function (PCRF) server virtualized network functions provided by virtual servers executing in the virtual computing environment; and
- sending a trust token by the MME interface trustlet to the eNB, whereby a trusted communication link from the eNB is established via a virtualized network function path through the virtual computing environment.

Dependent claims: 9, 10, 11, 12, 13

14. A method of wireless communication enabled by hardware assisted security, comprising:
- receiving a trusted communication request from an enhanced node B (eNB) by a serving gateway interface application, where the serving gateway interface application is part of a serving gateway virtualized network function provided by a virtual server executing in a virtual computing environment;
- allocating a serving gateway interface trustlet to the eNB that requested the trusted communication, where the serving gateway interface trustlet executes in a trusted security zone of compute resources provided by the virtual computing environment, is associated with the serving gateway interface application, and is part of the serving gateway virtualized network function;
- establishing trusted signaling by the serving gateway interface trustlet with two or more mobility management entity (MME), home subscriber server (HSS), policy and charging rules function (PCRF) server virtualized network functions provided by virtual servers executing in the virtual computing environment; and
- sending a trust token by the serving gateway interface trustlet to the eNB, whereby a trusted communication link from the eNB is established via a virtualized network function path through the virtual computing environment.

Dependent claims: 15, 16, 17, 18, 19, 20

Specification