Support systems interactions with virtual network functions in a trusted security zone

  • US 9,811,686 B1
  • Filed: 10/09/2015
  • Issued: 11/07/2017
  • Est. Priority Date: 10/09/2015
  • Status: Active Grant
First Claim

1. An apparatus, comprising:

  • a network communication interface to communicatively couple the apparatus to a network;

  • a processor coupled to the network communication interface and comprising a normal partition and a secure partition;

  • a memory coupled to the processor and comprising a normal memory and a secure memory;

  • a trusted security zone comprising the secure partition and the secure memory, wherein when the processor executes the secure partition, the normal partition is prevented from executing, and wherein the trusted security zone executes a separate operating system that is inaccessible to users of the apparatus; and

  • a trusted orchestrator application stored in the secure memory that, when executed by the secure partition of the processor:

      • receives fully-detailed data from a virtualized network function of a virtual server via a trusted end-to-end communication link, wherein the data comprises a log of events performed by the virtual network function for a customer, and wherein existence of the fully-detailed data is restricted to the trusted security zone;

      • sanitizes the data received from the virtualized network function into sanitized data that is not restricted to the trusted security zone, wherein sanitizing the data received from the virtualized network function removes identifying information of the customer to form the sanitized data; and

      • transmits the sanitized data outside of the trusted security zone to a network device for providing services to the customer according to the log of events.

  • 6 Assignments