Protect Network Automation through Securing Keys in Hardware
Network automation platforms are increasingly adopting Microservices. For example ONAP. ONAP Security loopholes, can significantly disrupt operations. Microservices spanning across geographies, need f …
| Talk Title | Protect Network Automation through Securing Keys in Hardware |
| Speakers | Srinivasa Addepalli (Sr. Principal Engineer, Intel), Dhananjay Pavgi (Competency Head, Tech Mahindra Ltd) |
| Conference | Open Networking Summit North America |
| Conf Tag | |
| Location | Los Angeles, CA, USA |
| Date | Mar 26-30, 2018 |
| URL | Talk Page |
| Slides | Talk Slides |
| Video | |
Network automation platforms are increasingly adopting Microservices. For example ONAP. ONAP Security loopholes, can significantly disrupt operations. Microservices spanning across geographies, need for deployments at edges, scale-out of these services add to security challenges. Trusted infrastructure is needed to enable secure communication among microservices with auto certificate enrolment. To keep private keys, secrets secure from adversaries and to eliminate passwords proliferation across microservices, file systems etc. This presentation discusses security challenges and potential solutions related to X.509v3 certificate enrolment, secure private key storage, secure cryptography execution, secure password storage and attestation of underlying platform/OS. It also discusses hardware technologies that help in providing root of trust for both key management and attestation.
