Security considerations in Edge Computing

Security requirements 

  • Infrastructure tamper detection and classification

    • Aggregate information of Edge sites

      • % of compute nodes trusted 

      • % of compute nodes not trust-verified

    • Tamper detection of the verifier at each site

    • TPM-based attestation security

    • Verification of new software installations and upgrades (using Linux IMA)

  • Secure communication between ONAP and Site (TLS or IPsec)

  • Certificate-based authentication between ONAP and Site

    • Certificate Enrollment

    • Mutual CA 

    • Security of private keys using a hardware root of trust (e.g. TPM or SGX)

  • Secret Management 

    • Centralized secret management with decentralized distribution

    • Security in the decentralized case (e.g. SGX-based security)