Puneet Sharma
ABSTRACT
Cloudification of edge to core infrastructure has led to new and rich application and service deployment and operational models. These ecosystems have complex relationships between the application vendors, infrastructure operators and application users. Traditional licensing and compliance enforcement methods such as those based on in person audits and dynamic issuing of license keys inhibit the resource provisioning and consumption flexibility offered by cloudified services due to scalability and management overheads. In this work, we argue the need for a trusted framework for application usage rights compliance. This new architecture named "Metered Boot" provides a way to realize trusted, capacity/usage based rights compliance for service deployments that allows decoupling of usage rights governed by application vendors from the resource provisioning by the infrastructure provider. We have built a Metered Boot prototype for a particular usecase of NFV usage rights compliance.
- Amazon web services marketplace. https://https://aws.amazon.com/marketplace.Google Scholar
- Google cloud platform marketplace. https://cloud.google.com/marketplace/.Google Scholar
- System and methods for enforcing software license compliance with virtual machines. https://patents.google.com/patent/US8875266B2/en.Google Scholar
- Wibu systems: Codemeter. https://www.wibu.com/us/blog/article/secure-licensing-for-tpm-connected-devices.html.Google Scholar
- Ibm x3650 m2 specifications, 2009. http://www-07.ibm.com/systems/includes/content/x/pdf/prod_guide.pdf.Google Scholar
- Trusted computing group tpm specification, 2011. https://trustedcomputinggroup.org/tpm-main-specification/.Google Scholar
- Distributed license management, us8818900 b2, 2014.Google Scholar
- Etsi nfv security problem statement, 2014. http://www.etsi.org/deliver/etsi_gs/NFV-SEC/001_099/001/01.01.01_60/gs_NFV-SEC001v010101p.pdf.Google Scholar
- Cluster license server, ep2913771 a1, 2015.Google Scholar
- Hard truths about software licensing for nfv, 2015. http://blog.advaoptical.com/hard-truths-about-software-licensing-for-nfv.Google Scholar
- Openstack ceilometer, 2015. http://docs.openstack.org/developer/ceilometer/.Google Scholar
- The openstack congress framework, 2015. http://docs.openstack.org/developer/congress/README.html.Google Scholar
- Bsa: Compliance and enforcement, 2016. http://www.bsa.org/anti-piracy.Google Scholar
- Dell poweredge r720 specifications, 2016. http://www.dell.com/downloads/global/products/pedge/dell-poweredge-r720-spec-sheet.pdf.Google Scholar
- Etsi nfv license management work item, 2016. https://portal.etsi.org/webapp/WorkProgram/Report_WorkItem.asp?WKI_ID=50639.Google Scholar
- Hp proliant dl360p specifications, 2016. https://www.hpe.com/h20195/v2/GetPDF.aspx/c04123167.pdf.Google Scholar
- Limits on running containers on a docker host, 2016. http://stackoverflow.com/questions/21799382/is-there-a-maximum-number-of-containers\discretionary{-}{}{}running-on-a-docker-host.Google Scholar
- The machine- memory driven computing, 2017. https://www.labs.hpe.com/the-machine.Google Scholar
- Network operator perspectives on nfv priorities for 5g, 2017. https://portal.etsi.org/NFV/NFV_White_Paper_5G.pdf.Google Scholar
- Openstack tacker, 2017. https://github.com/openstack/tacker.Google Scholar
- Tm forum exploratory report: Nfv license management, 2017. https://www.tmforum.org/resources/standard/ig1143-license-management-r16-5-1/.Google Scholar
- Trusted boot project, 2017. https://sourceforge.net/projects/tboot/.Google Scholar
- Kubernetes apps in gcp marketplace, 2018. https://goo.gl/dbHWix.Google Scholar
- Trusting the cloud with intel txt, 2018. https://www.intel.com/content/www/us/en/architecture-and-technology/trusted-execution-technology/trusting-the-cloud-with-trusted-execution\discretionary{-}{}{}technology-video.html.Google Scholar
- Arthur, W., Challener, D., and Goldman, K. Quick tutorial on tpm 2.0. In A Practical Guide to TPM 2.0. Springer, 2015, pp. 23--37.Google ScholarCross Ref
- Choi, P., and Kim, D. K. Design of security enhanced tpm chip against invasive physical attacks. In Circuits and Systems (ISCAS), 2012 IEEE International Symposium on (2012), IEEE, pp. 1787--1790.Google ScholarCross Ref
- Costan, V., and Devadas, S. Intel sgx explained. IACR Cryptology ePrint Archive 2016 (2016), 86.Google Scholar
- Jaeger, T., Sailer, R., and Shankar, U. Prima: policy-reduced integrity measurement architecture. In Proceedings of the eleventh ACM symposium on Access control models and technologies (2006), ACM, pp. 19--28. Google ScholarDigital Library
- Merkle, R. C. Protocols for public key cryptosystems. In IEEE Symposium on Security and privacy (1980), vol. 122.Google ScholarCross Ref
- Morris, T. Trusted platform module. In Encyclopedia of Cryptography and Security. Springer, 2011, pp. 1332--1335.Google Scholar
- Moyer, T., Butler, K., Schiffman, J., McDaniel, P., and Jaeger, T. Scalable web content attestation. IEEE Transactions on Computers 61, 5 (2012), 686--699. Google ScholarDigital Library
- Sailer, R., Zhang, X., Jaeger, T., and Van Doorn, L. Design and implementation of a tcg-based integrity measurement architecture. In USENIX Security Symposium (2004), vol. 13, pp. 223--238. Google ScholarDigital Library
- Suh, G. E., O'Donnell, C. W., and Devadas, S. Aegis: A single-chip secure processor. IEEE Design & Test of Computers 24, 6 (2007). Google ScholarDigital Library
- Sundaram, B., and Chapman, B. Xml-based policy engine framework for usage policy management in grids. Grid Computing---GRID 2002 (2002), 194--198. Google ScholarDigital Library
Recommendations
Compulsory licensing of patents
The compulsory license is a concept that has been an accepted part of American intellectual property ever since the US Copyright Act of 1909. It has been recognized internationally via the Berne Convention for the Protection of Literary and Artistic ...
Service licensing: conceptualization, formalization, and expression
Service licensing enables a broader usage of services and a means for designing business strategies and relationships. A service license describes the terms and conditions that permit the use of and access to a service, in a machine interpretable way, ...
Digital Licensing
A digital license protects an author or ownerýs intellectual property rights to regulate how content is sold or used, monitors compliance to terms and conditions, and regulates compensation. Thegoal of digital license automation is to provide an ...
Comments