
System and method of establishing trusted operability between networks in a network functions virtualization environment

  • US 9,749,294 B1
  • Filed: 09/08/2015
  • Issued: 08/29/2017
  • Est. Priority Date: 09/08/2015
  • Status: Active Grant
First Claim

1. A system for establishing a trusted end-to-end communication link between different Network Function Virtualization (NFV) networks, comprising:

  • a first server associated with a first NFV network, wherein the first server comprises a processor coupled to memory and is configured to:

    generate and send a first trust ticket establishing the security protocol for communicating with the first NFV network, a request to engage in communication with a second server associated with a second NFV network, and trusted data from the first NFV network, wherein the first NFV network is executing in a trusted security zone that provides hardware assisted security, and wherein the second server comprises a processor coupled to memory; and

    disable communication with the first NFV network after the first trust ticket, request and trusted data are sent;

  • a virtual machine stored on the first NFV network, wherein the virtual machine executes virtualized network functions and is executing in a trusted security zone; and

  • a session border controller executing in a trusted security zone, wherein the session border controller comprises a trust node and an application stored on the trust node, configured to:

    receive the first trust ticket, request, and trusted data from the first server;

    transmit the first trust ticket and request to a second session border controller, wherein the second session border controller transmits the request and first trust ticket to the second server associated with the second NFV network;

    receive a response to the request and a second trust ticket from the second server, wherein the second trust ticket establishes the security protocol for communicating with the second NFV network, wherein the response and second trust ticket are transmitted from the second session border controller to the first session border controller, and wherein the second NFV network is executing in a trusted security zone, that provides hardware assisted security;

    compare the first and second trust tickets for compatibility; and

    transmit the trusted data to the second server if the trust tickets are compatible.
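
The session border controller steps in the claim above, sketched as an added example that is not taken from the patent: the first SBC holds the trusted data, forwards only the ticket and request, and releases the data only when the two tickets compare as compatible. The ticket fields, the `compatible` rule and all names are assumptions, since the claim does not define them.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class TrustTicket:
    # Fields are assumptions; the claim only says a ticket "establishes the
    # security protocol" for communicating with its NFV network.
    network_id: str
    protocol: str
    ciphers: frozenset
    hardware_trust: bool  # network executes in a trusted security zone

def compatible(a: TrustTicket, b: TrustTicket) -> bool:
    """Assumed rule: both sides hardware-trusted, same protocol,
    and at least one cipher in common."""
    return (a.hardware_trust and b.hardware_trust
            and a.protocol == b.protocol
            and bool(a.ciphers & b.ciphers))

class SessionBorderController:
    """First SBC: holds the trusted data until the tickets are compared."""
    def __init__(self):
        self._pending = None  # (first_ticket, request, trusted_data)

    def receive(self, ticket: TrustTicket, request: str, trusted_data: bytes):
        self._pending = (ticket, request, trusted_data)
        # Only the ticket and request are forwarded to the second SBC.
        return ticket, request

    def on_response(self, second_ticket: Optional[TrustTicket]):
        """Return the trusted data for transmission, or None (fail closed)."""
        if self._pending is None:
            return None  # nothing held, e.g. a repeated response
        first_ticket, _, data = self._pending
        self._pending = None  # one-shot: data is released or discarded
        if second_ticket is None or not compatible(first_ticket, second_ticket):
            return None
        return data

def run_exchange(first: TrustTicket, second: Optional[TrustTicket],
                 data: bytes = b"constructed-trusted-payload"):
    """Drive one exchange with a constructed payload; returns what is sent."""
    sbc = SessionBorderController()
    sbc.receive(first, "open-session", data)
    return sbc.on_response(second)
```
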
