{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,9]],"date-time":"2024-09-09T13:51:34Z","timestamp":1725889894667},"publisher-location":"Cham","reference-count":36,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319596075"},{"type":"electronic","value":"9783319596082"}],"license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017]]},"DOI":"10.1007\/978-3-319-59608-2_6","type":"book-chapter","created":{"date-parts":[[2017,6,13]],"date-time":"2017-06-13T15:29:56Z","timestamp":1497367796000},"page":"104-124","source":"Crossref","is-referenced-by-count":7,"title":["TruSDN: Bootstrapping Trust in Cloud Network Infrastructure"],"prefix":"10.1007","author":[{"given":"Nicolae","family":"Paladi","sequence":"first","affiliation":[]},{"given":"Christian","family":"Gehrmann","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2017,6,14]]},"reference":[{"key":"6_CR1","unstructured":"Anati, I., Gueron, S., Johnson, S., Scarlata, V.: Innovative technology for CPU based attestation and sealing. In: Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy, p. 10. ACM (2013)"},{"key":"6_CR2","unstructured":"Baumann, A., Peinado, M., Hunt, G.: Shielding applications from an untrusted cloud with Haven. In: USENIX Symposium on Operating Systems Design and Implementation (OSDI) (2014)"},{"key":"6_CR3","doi-asserted-by":"crossref","unstructured":"Bifulco, R., Cui, H., Karame, G.O., Klaedtke, F.: Fingerprinting software-defined networks. In: 2015 IEEE 23rd International Conference on Network Protocols (ICNP), pp. 453\u2013459, November 2015","DOI":"10.1109\/ICNP.2015.26"},{"issue":"3","key":"6_CR4","doi-asserted-by":"crossref","first-page":"345","DOI":"10.1109\/TDSC.2011.63","volume":"9","author":"E Brickell","year":"2012","unstructured":"Brickell, E., Li, J.: Enhanced privacy ID: a direct anonymous attestation scheme with enhanced revocation capabilities. IEEE Trans. Dependable Secure Comput. 9(3), 345\u2013360 (2012)","journal-title":"IEEE Trans. Dependable Secure Comput."},{"issue":"10","key":"6_CR5","doi-asserted-by":"crossref","first-page":"86","DOI":"10.1145\/2661061.2661063","volume":"57","author":"M Casado","year":"2014","unstructured":"Casado, M., Foster, N., Guha, A.: Abstractions for software-defined networks. Commun. ACM 57(10), 86\u201395 (2014)","journal-title":"Commun. ACM"},{"key":"6_CR6","doi-asserted-by":"crossref","unstructured":"Checkoway, S., Shacham, H.: Iago attacks: why the system call API is a bad untrusted RPC interface. SIGARCH Comput. Archit. News 41(1), 253\u2013264 (2013). http:\/\/doi.acm.org\/10.1145\/2490301.2451145","DOI":"10.1145\/2451116.2451145"},{"issue":"2","key":"6_CR7","doi-asserted-by":"crossref","first-page":"198","DOI":"10.1109\/TIT.1983.1056650","volume":"29","author":"D Dolev","year":"1983","unstructured":"Dolev, D., Yao, A.C.: On the security of public key protocols. IEEE Trans. Inf. Theor. 29(2), 198\u2013208 (1983)","journal-title":"IEEE Trans. Inf. Theor."},{"key":"6_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"251","DOI":"10.1007\/3-540-45748-8_24","volume-title":"Peer-to-Peer Systems","author":"JR Douceur","year":"2002","unstructured":"Douceur, J.R.: The sybil attack. In: Druschel, P., Kaashoek, F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, pp. 251\u2013260. Springer, Heidelberg (2002). doi: 10.1007\/3-540-45748-8_24"},{"key":"6_CR9","doi-asserted-by":"crossref","unstructured":"Eronen, P., Tschofenig, H.: Pre-shared key ciphersuites for transport layer security (TLS). Technical report, RFC 4279, December 2005","DOI":"10.17487\/rfc4279"},{"key":"6_CR10","unstructured":"Farinacci, D., Traina, P., Hanks, S., Li, T.: Generic routing encapsulation (GRE). In: IETF (2000). tools.ietf.org\/html\/rfc2784"},{"issue":"3","key":"6_CR11","doi-asserted-by":"crossref","first-page":"105","DOI":"10.1145\/1384609.1384625","volume":"38","author":"N Gude","year":"2008","unstructured":"Gude, N., Koponen, T., Pettit, J., Pfaff, B., Casado, M., McKeown, N., Shenker, S.: NOX: towards an operating system for networks. ACM SIGCOMM Comput. Commun. Rev. 38(3), 105\u2013110 (2008)","journal-title":"ACM SIGCOMM Comput. Commun. Rev."},{"key":"6_CR12","doi-asserted-by":"crossref","unstructured":"Hoekstra, M.: Using innovative instructions to create trustworthy software solutions. In: Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy, p. 10. ACM (2013)","DOI":"10.1145\/2487726.2488370"},{"key":"6_CR13","doi-asserted-by":"crossref","unstructured":"Hong, S., Xu, L., Wang, H., Gu, G.: Poisoning network visibility in software - defined networks: new attacks and countermeasures. In: Proceedings of the Network and Distributed System Security Symposium (NDSS) (2015)","DOI":"10.14722\/ndss.2015.23283"},{"key":"6_CR14","unstructured":"Hopps, C.: Analysis of an Equal-Cost Multi-Path Algorithm. In: IETF (2000). tools.ietf.org\/html\/rfc2992"},{"key":"6_CR15","doi-asserted-by":"crossref","unstructured":"Jain, P., Desai, S., Kim, S., Shih, M.W., Lee, J., Choi, C., Shin, Y., Kim, T., Kang, B.B., Han, D.: OpenSGX: an open platform for SGX research. In: Proceedings of the Network and Distributed System Security Symposium (NDSS) (2016)","DOI":"10.14722\/ndss.2016.23011"},{"key":"6_CR16","doi-asserted-by":"crossref","unstructured":"Kreutz, D., Ramos, F., Verissimo, P.: Towards secure and dependable software- defined networks. In: Proceedings of the Second ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, pp. 55\u201360. ACM (2013)","DOI":"10.1145\/2491185.2491199"},{"key":"6_CR17","doi-asserted-by":"crossref","unstructured":"Kuo, F.C., Tschofenig, H., Meyer, F., Fu, X.: Comparison studies between pre-shared and public key exchange mechanisms for transport layer security. In: INFOCOM 2006. 25th IEEE International Conference on Computer Communications. Proceedings, pp. 1\u20136. IEEE (2006)","DOI":"10.1109\/INFOCOM.2006.52"},{"key":"6_CR18","doi-asserted-by":"crossref","unstructured":"McKeen, F., Alexandrovich, I., Berenzon, A., Rozas, C.V., Shafi, H., Shanbhogue, V., Savagaonkar, U.R.: Innovative instructions and software model for isolated execution. In: Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy, pp. 1\u20131. ACM (2013)","DOI":"10.1145\/2487726.2488368"},{"issue":"2","key":"6_CR19","doi-asserted-by":"crossref","first-page":"69","DOI":"10.1145\/1355734.1355746","volume":"38","author":"N McKeown","year":"2008","unstructured":"McKeown, N., Anderson, T., Balakrishnan, H., Parulkar, G., Peterson, L., Rexford, J., Shenker, S., Turner, J.: OpenFlow: enabling innovation in campus networks. ACM SIGCOMM Comput. Commun. Rev. 38(2), 69\u201374 (2008)","journal-title":"ACM SIGCOMM Comput. Commun. Rev."},{"key":"6_CR20","volume-title":"SDN: Software Defined Networks","author":"TD Nadeau","year":"2013","unstructured":"Nadeau, T.D., Gray, K.: SDN: Software Defined Networks. O\u2019Reilly Media Inc., Sebastopol (2013)"},{"issue":"99","key":"6_CR21","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1109\/TCC.2016.2525991","volume":"PP","author":"N Paladi","year":"2016","unstructured":"Paladi, N., Gehrmann, C., Michalas, A.: Providing user security guarantees in public infrastructure clouds. IEEE Trans. Cloud Comput. PP(99), 1 (2016)","journal-title":"IEEE Trans. Cloud Comput."},{"key":"6_CR22","doi-asserted-by":"crossref","unstructured":"Paladi, N., Gehrmann, C.: Towards secure multi-tenant virtualized networks. In: 2015 IEEE Trustcom\/BigDataSE\/ISPA, vol. 1, pp. 1180\u20131185. IEEE (2015)","DOI":"10.1109\/Trustcom.2015.502"},{"key":"6_CR23","unstructured":"Parno, B.: Bootstrapping trust in a \u201ctrusted\u201d platform. In: HotSec (2008)"},{"key":"6_CR24","unstructured":"Pfaff, B., Lantz, B., Heller, B., et al.: OpenFlow switch specification, version 1.3.0. Open Networking Foundation (2012)"},{"key":"6_CR25","unstructured":"Pfaff, B., Pettit, J., Koponen, T., Jackson, E.J., Zhou, A., Rajahalme, J., Gross, J., Wang, A., Stringer, J., Shelar, P., et al.: The design and implementation of Open vSwitch. In: 12th USENIX Symposium on Networked Systems Design and Implementation (2015)"},{"key":"6_CR26","doi-asserted-by":"crossref","unstructured":"Porras, P., Shin, S., Yegneswaran, V., Fong, M., Tyson, M., Gu, G.: A security enforcement kernel for OpenFlow networks. In: Proceedings of the First Workshop on Hot Topics in Software Defined Networks, pp. 121\u2013126. ACM (2012)","DOI":"10.1145\/2342441.2342466"},{"key":"6_CR27","doi-asserted-by":"crossref","unstructured":"Porras, P., Cheung, S., Fong, M., Skinner, K., Yegneswaran, V.: Securing the software-defined network control layer. In: Proceedings of the Network and Distributed System Security Symposium (NDSS) (2015)","DOI":"10.14722\/ndss.2015.23222"},{"key":"6_CR28","doi-asserted-by":"crossref","first-page":"27","DOI":"10.1145\/2534169.2486022","volume":"43","author":"ZA Qazi","year":"2013","unstructured":"Qazi, Z.A., Tu, C.C., Chiang, L., Miao, R., Sekar, V., Yu, M.: SIMPLE-fying middlebox policy enforcement using SDN. ACM SIGCOMM Comput. Commun. Rev. 43, 27\u201338 (2013). ACM","journal-title":"ACM SIGCOMM Comput. Commun. Rev."},{"key":"6_CR29","unstructured":"Rescorla, E., Modadugu, N.: RFC6347\u2013datagram transport layer security version 1.2. IETF (2012) tools.ietf.org\/html\/rfc6347"},{"key":"6_CR30","unstructured":"Ristenpart, T., Yilek, S.: When good randomness goes bad: virtual machine reset vulnerabilities and hedging deployed cryptography. In: NDSS (2010)"},{"key":"6_CR31","volume-title":"Safeguarding the Future of Computing with Intel Embedded Security and Management Engine","author":"X Ruan","year":"2014","unstructured":"Ruan, X.: Safeguarding the Future of Computing with Intel Embedded Security and Management Engine, 1st edn. Apress, Berkely (2014)","edition":"1"},{"key":"6_CR32","unstructured":"Rutkowska, J.: Thoughts on Intel\u2019s upcoming Software Guard Extensions (Part 2) (2013). http:\/\/theinvisiblethings.blogspot.de\/2013\/09\/thoughts-on-intels-upcoming-software.html . Accessed Mar 2016"},{"key":"6_CR33","doi-asserted-by":"crossref","unstructured":"Schuster, F., Costa, M., Fournet, C., Gkantsidis, C., Peinado, M., Mainar-Ruiz, G., Russinovich, M.: VC3: Trustworthy data analytics in the cloud using SGX. In: 2015 IEEE Symposium on Security and Privacy (SP), pp. 38\u201354, May 2015","DOI":"10.1109\/SP.2015.10"},{"key":"6_CR34","doi-asserted-by":"crossref","unstructured":"Shin, S., Song, Y., Lee, T., Lee, S., Chung, J., Porras, P., Yegneswaran, V., Noh, J., Kang, B.B.: Rosemary: a robust, secure, and high-performance network operating system. In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, pp. 78\u201389. ACM (2014)","DOI":"10.1145\/2660267.2660353"},{"key":"6_CR35","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"108","DOI":"10.1007\/978-3-642-25283-9_8","volume-title":"Trusted Systems","author":"J Walker","year":"2011","unstructured":"Walker, J., Li, J.: Key exchange with anonymous authentication using DAA-SIGMA protocol. In: Chen, L., Yung, M. (eds.) INTRUST 2010. LNCS, vol. 6802, pp. 108\u2013127. Springer, Heidelberg (2011). doi: 10.1007\/978-3-642-25283-9_8"},{"key":"6_CR36","doi-asserted-by":"crossref","unstructured":"Xu, Y., Cui, W., Peinado, M.: Controlled-channel attacks: deterministic side channels for untrusted operating systems. In: 2015 IEEE Symposium on Security and Privacy (SP), pp. 640\u2013656. IEEE (2015)","DOI":"10.1109\/SP.2015.45"}],"container-title":["Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","Security and Privacy in Communication Networks"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-59608-2_6","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,9,26]],"date-time":"2019-09-26T01:01:12Z","timestamp":1569459672000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-59608-2_6"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"ISBN":["9783319596075","9783319596082"],"references-count":36,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-59608-2_6","relation":{},"ISSN":["1867-8211","1867-822X"],"issn-type":[{"type":"print","value":"1867-8211"},{"type":"electronic","value":"1867-822X"}],"subject":[],"published":{"date-parts":[[2017]]}}}