Four Early Stage Researchers (ESRs) have focused on various aspects of improving security and privacy of container-based VNFs running on Multi-Access Edge Computing (MEC) platforms.
ESR1 initially worked on enhancing integrity protection of container images using trusted computing and remote attestation techniques. Shifting focus, he developed the concept of authentic execution for multi-component services, thus preventing data poisoning attacks. Additionally, he addressed credential management in V2X networks by devising mechanisms for efficient revocation of credentials.
ESR2 concentrated on inter-container communication, evaluating the performance overheads of security policies and analyzing security threats in Kubernetes, the de facto standard in container orchestration. He developed GrassHopper, a prototype for verifying policy correctness and addressing misconfigurations in Kubernetes clusters.
ESR3 aimed to bolster the security and resilience of low-latency systems and applications by designing a novel memory isolation technique called Software-Defined Rewind & Discard (SDRaD). SDRaD confines front-end components in their own secure sandboxes to protect them against attacks, e.g. buffer overflows, in other components of the application. Front-end components are rewound into a consistent and operational state, while infected components are discarded. She has implemented the SDRaD technique for the programming languages C and Rust.
ESR4 studied the privacy implications of software-defined networks in 5G, emphasizing the need for dynamic compliance assurance in cloud-native deployments of 5G networks. Moreover, he contributed to various 5G policy recommendations.
Moreover, all ESRs have jointly contributed to the definition of a Kubernetes-based MEC architecture that includes a comprehensive and first-class threat model that can be instantiated for particular applications, a novel method for better understanding and modeling trust boundaries, and an analysis of privacy-preserving and security properties of this architecture from a legal perspective.
Based on the findings from evaluating the above technical and architectural work, the following conclusions are the basis for their further exploitation:
(1) The authentic execution security property ensures that any sensor data sent to edge servers truthfully reflects the sensor readings made in reality.
(2) Low-latency applications with high reliability requirements are a good fit for the SDRaD hardening methods. The SDRaD mechanism also shows the pathway towards cost-efficient fault-tolerance strategies in edge computing environments where traditional replication techniques do not work.
(3) The enhanced network isolation mechanism of GrassHopper can be applied to isolate different applications in edge- and cloud-based Kubernetes clusters. GrassHopper can also prevent untrustworthy and potentially malicious users from escaping a network slice.
(4) Scalable and timely revocation of malicious vehicles, which cannot be bypassed by attackers, can be guaranteed by the V2X Revocation building block. An integrated design with the other building blocks may help to identify malicious users, e.g. if they trigger a rewind in an isolated frontend component, or if their input data is significantly inconsistent with more trustworthy inputs. Such suspicions may be raised to the revocation authority via a revocation request. A dedicated decision process may then decide to revoke the credentials of the corresponding participant. Our revocation mechanism can then guarantee that such revocation requests cannot be bypassed, while still allowing users to use the V2X network pseudonymously.
Their research findings have led to 4 awarded patents and 14 publications at top international conferences and journals. Efforts for broader dissemination include lectures and presentations. Integration of technical components into open-source projects like Kubernetes is planned, with considerations for legal compliance and security recommendations from ESR4. All components are open-sourced and intended for integration into Ericsson's product units.