Attestation is a trusted computing technology that can be applied to Ethernet layer operation, administration, and management (OAM) protocols, such as ethernet-cfm. A Canary Stamp is a collection of security evidence that demonstrates a sender's integrity and trustworthiness. Techniques presented herein provide for extending all types of Connectivity Fault Management (CFM) frames to carry a Canary Stamp Type-Length-Value object. Once a CFM frame is obtained by a receiver MEP, the receiver is to verify a sender's integrity and trustworthiness using the Canary Stamp TLV. CFM can add this trustworthiness status on each of its services in order to maintain connectivity between services and to verify the trustworthiness of maintenance endpoints (MEPs) and maintenance intermediate points (MIPs).
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.
Babu, Karthik Babu Harichandra; Voit, Eric; and Sheth, Sujal, "SECURING CONNECTIVITY FAULT MANAGEMENT (CFM) CONTROL PACKETS USING STAMPED PASSPORT ATTESTATION", Technical Disclosure Commons, (January 12, 2021)