ID-based group key exchange mechanism for virtual group with microservice

• Published in: ETRI journal Vol. 43; no. 5; pp. 932 - 940
• Main Authors: Kim, Hyun-Jin, Park, Pyung-Koo, Ryou, Jae-Cheol
• Format: Journal Article
• Language: Korean
• Published: 한국전자통신연구원 02.10.2021; ETRI
• Subjects: virtual entity; network functions virtualization; group key
• ISSN: 1225-6463; 2233-7326

Currently, research on network functions virtualization focuses on using microservices in cloud environments. Previous studies primarily focused on communication between nodes in physical infrastructure. Until now, there is no sufficient research on group key management in virtual environments. The service is composed of microservices that change dynamically according to the virtual service. There are dependencies for microservices on changing the group membership of the service. There is also a high possibility that various security threats, such as data leakage, communication surveillance, and privacy exposure, may occur in interactive communication with microservices. In this study, we propose an ID-based group key exchange (idGKE) mechanism between microservices as one group. idGKE defines the microservices' schemes: group key gen, join group, leave group, and multiple group join. We experiment in a real environment to evaluate the performance of the proposed mechanism. The proposed mechanism ensures an essential requirement for group key management such as secrecy, sustainability, and performance, improving virtual environment security.