Data communication systems exchange user data for user devices to provide various data communication services. The user devices may be phones, computers, media players, and the like. The data communication services might trust be media streaming, audio/video conferencing, data messaging, or internet access. Network Function Virtualization (NFV) computer systems are used to host data communication systems and deliver their data communication services.
NFV computer systems have Virtual Network Functions (VNFs) that perform data networking tasks. The NFV computer systems execute the VNFs under the control of a virtual software layer. The VNFs communicate with one another over the virtual layer. The VNFs also communicate with external systems over the virtual layer. To implement a data communication service, an NFV Management and Orchestration (MANO) system directs the virtual layer software to drive the execution of VNFs based on various descriptors for the data communication service.
In a Software Defined Network (SDN), the VNFs may be SDN applications, SDN controllers, and virtual SDN data machines. The executing VNFs drive the delivery of the data communication services. The MANO system may scale the data communication system by adding and removing VNFs. The MANO system may scale the VNFs by adding and removing their computer hardware resources and virtual layer components like virtual switching.
Hardware trust entails the software verification of the identity of the physical hardware that is executing the software and handling the user data. Some computer hardware has physically-embedded hardware trust keys. Hardware trust software drives circuitry to read and hash these physical keys to prove hardware identity. A hardware trust server that stores a copy of the hardware trust keys validates the hardware identities by performing the same hashes and comparing the hash results. Unfortunately, hardware trust is not effectively deployed in NFV infrastructures and MANO systems. In particular, NFV Infrastructures (NFVIs) do not have efficient and effective access to hardware trusted MANO systems that are hosted on different computer hardware.