公开(公告)号：US20170012975A1

公开(公告)日：2017-01-12

申请号：US14818033

申请日：2015-08-04

Applicant: Broadcom Corporation

Inventor： Nicholas Ilyadis ,  Xuemin Chen ,  Philippe Klein ,  Ariel Hendel ,  Kumaran David Siva

IPC: H04L29/06

CPC classification number: H04L63/20 ,  H04L63/08 ,  H04L63/0876 ,  H04L63/102

Abstract: A network function virtualization security and trust system includes a network device that operates as a virtualized network device with virtualized services provided on the network device by network nodes included in the system. Security and trust within the system can include hardware authentication of the network nodes and the network device to obtain a level of security of the hardware provisioning the operation of the virtualized services. Security and trust can also include authentication of the services being used on the virtualized network device. Services authentication can be based on monitoring and analysis of the cooperative operation of the services in the virtualized network device. The virtualized services can be dynamically changed, added or stopped. Hardware authentication and dynamic services authentication in accordance with changes in the virtualized services can dynamically maintain a level of security across the devices and the virtualized services.

Abstract translation: 网络功能虚拟化安全和信任系统包括网络设备，其作为具有由网络设备提供的虚拟化服务的虚拟化网络设备，该网络设备包括在系统中的网络节点。 系统内的安全性和信任度可以包括网络节点和网络设备的硬件认证，以获得虚拟化服务运行的硬件配置的安全级别。 安全和信任还可以包括在虚拟化网络设备上使用的服务的认证。 服务认证可以基于对虚拟化网络设备中服务的协同操作的监控和分析。 虚拟化服务可以动态更改，添加或停止。 根据虚拟化服务的变化，硬件认证和动态服务认证可以动态地维护整个设备和虚拟化服务的安全级别。

公开(公告)号：US20170041201A1

公开(公告)日：2017-02-09

申请号：US14839508

申请日：2015-08-28

Applicant: Broadcom Corporation

Inventor： Nicholas Ilyadis ,  Xuemin Chen ,  Philippe Klein ,  Mohan Venkatachar Kalkunte ,  Glen Kramer ,  Kumaran David Siva

IPC: H04L12/24 ,  H04L12/26

Abstract: A system includes service management circuitry to dynamically deploy a plurality of service agents in response to dynamic assembly of a corresponding chain of services that each provide different service functionality. The different service functionality can be provided to an operational network device by different respective network devices over a network. The system can include network interface circuitry to transmit the service agents over the network to monitor performance of the respective network devices providing respective services included in the chain of services. The network interface circuitry can receive service performance information from each of the service agents. The performance information can include information indicative of the performance of the respective network devices. The service management circuitry can analyze the received service performance information and manage the chain of services.

Abstract translation: 系统包括服务管理电路，以响应于各自提供不同服务功能的相应服务链的动态组合来动态部署多个服务代理。 可以通过网络由不同的相应网络设备将不同的服务功能提供给操作网络设备。 该系统可以包括网络接口电路，用于通过网络传输服务代理以监测提供包括在服务链中的相应服务的相应网络设备的性能。 网络接口电路可以从每个服务代理接收服务性能信息。 性能信息可以包括指示各个网络设备的性能的信息。 服务管理电路可以分析所接收的服务性能信息并管理服务链。