Secure location-aware VM deployment on the edge through OpenStack and ARM TrustZone

In recent years, there is an ongoing computational shift from the data center to the network edge. Due to the increased hardware capabilities of the devices, the edge can also benefit from the dynamic and scalable services provided by the virtualization technologies. In turn, the edge computing brings low-latency and reduced network traffic, location-awareness and local caching. However, the new capabilities unlock new challenges in terms of security, data and workload location. In this work, we focus on the threats caused by the heterogeneous and distributed nature of the edge infrastructure. We build a trusted edge based on the hardware isolation of ARM TrustZone. Moreover, we use it as a secure foundation to perform location-aware virtual machine deployment utilizing the dispersed nature of the infrastructure. We measure the performance of our solution and discuss the overall overhead and potential improvements.