主权项 |
1. A method of operating a data communication system using Border Gateway Protocol (BGP), Network Function Virtualization (NFV), and Hardware Root-of-Trust (HRoT) comprising:
in a first NFV computer system, generating HRoT challenge data, executing a first BGP virtual machine, and transferring the HRoT challenge data in first BGP signaling for delivery to a second BGP virtual machine in a second NFV computer system; in the second NFV computer system, executing the second BGP virtual machine, processing the first BGP signaling, and responsively identifying an HRoT code physically-embedded in the second NFV computer system, generating HRoT result data based on the HRoT challenge data and the HRoT code, and transferring second BGP signaling having the HRoT result data for delivery to the first BGP virtual machine in the first NFV computer system; in the first NFV computer system, generating target HRoT result data based on the HRoT challenge and the HRoT code, receiving the second BGP signaling, and responsively comparing the HRoT result data from the second BGP signaling to the target HRoT data generated by the first NFV computer system; and in the first NFV computer system, executing a BGP state process based on the second BGP signaling if the HRoT result data from the second BGP signaling corresponds to the target HRoT data generated by the first NFV computer system. |