Virtualisation techniques are growing in popularity and importance, given their application to server consolidation and to cloud computing. Remote Attestation is a well-known technique to assess the software integrity of a node. It works well with physical platforms, but not so well with virtual machines hosted in a full virtualisation environment (such as the Xen hypervisor or Kernel-based Virtual Machine) and it is simply not available for a lightweight virtualisation environment (such as Docker). On the contrary, the latter is increasingly used, especially in lightweight cloud platforms, because of its flexibility and limited overhead as compared to virtual machines. This paper presents a solution for security monitoring of a lightweight cloud infrastructure, which exploits Remote Attestation to verify the software integrity of cloud applications during their whole life-cycle. Our solution leverages mainstream tools and architectures, like the Linux Integrity Measurement Architecture, the OpenAttestation platform and the Docker container engine, making it practical and readily available in a real-world scenario. Compared to a standard Docker deployment, our solution enables run-time verification of container applications at the cost of a limited overhead.
This cohort study on the entire population of an Italian Province assessed the incidence of potentially vaccine-related serious adverse events (PVR-SAEs) by COVID-19 vaccination status. From January 2021 to July 2022, we extracted all deaths and hospitalizations due to several cardiovascular diseases, pulmonary embolism, and deep vein thrombosis from National Healthcare System official data. During the follow-up, 5743 individuals died, and 2097 were hospitalized for PVR-SAEs. Vaccinated subjects (n = 259,821) did not show an increased risk of all-cause death, non-COVID death, or any PVR-SAEs, as compared to the unvaccinated (n = 56,494). These results were consistent across genders, age-classes, vaccine types, and SARS-CoV-2 infection status and did not vary in Cox models adjusting for age, gender, SARS-CoV-2 infection, and selected comorbidities. In the infected population, any dose of vaccine was associated with a lower likelihood of death and PVR-SAE. In the uninfected population, subjects who received one or two doses showed a significantly higher incidence of most outcomes, likely due to a large selection bias introduced by the Italian restriction policies targeting uninfected subjects who received less than three doses. In conclusion, COVID-19 vaccination was not associated with an increase of mortality or selected PVR-SAEs incidence. Further research is warranted to evaluate the long-term safety of COVID-19 vaccines.
This paper discusses the open issues in incorporating trust techniques in the NFV environment specified by the ETSI NFV Industry Specification Group, and analyses the available technologies to fill this gap. ETSI is developing security and trust specifications within its NFV-SEC working group, with the aim of establishing and assessing trust of both the hardware platform and the virtualised infrastructure hosting the Virtual Network Functions. Cloud computing, envisioned by ETSI as enabling technology for the deployment of the NFV infrastructure, represents a challenging environment for the establishment of trust. Open issues in this area include applicability of hardwarebased trust assessment to a virtualised infrastructure, and integrity and privacy of virtual instances hosted on a multi-tenant platform. This paper discusses the challenges in applying one specific technology, Trusted Computing, to a NFV cloud-based architecture and proposes a concrete solution (based on the Intel OpenCIT framework) to address each issue. Moreover, a mapping between the ETSI NFV security and trust guidance and the OpenCIT capabilities is proposed. Finally, applicability of the solution to the NFV Management and Network Orchestration stack is discussed, with particular attention to the reference implementation promoted by the ETSI-hosted initiative Open Source MANO.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.