Method and system for introducing in-network services in an end-to-end communication path

摘要

A method for introducing in-network services in an end-to-end communication path between two hosts includes: providing at least one middlebox entity and performing a registration procedure that includes registering the in-network services together with their respective service level agreements at the at least one middlebox entity; by at least one of the two hosts, sending a subscription for the in-network services to the at least one middlebox entity together with a policy list containing at least host-specific security requirements; by the at least one middlebox entity, evaluating potential conflicts between the host-specific security requirements and the service level agreements of the in-network services, and, in case no conflicts are detected, authenticating the in-network services; and inserting the authenticated in-network services within the end-to-end communication path and starting encrypted communication between the two hosts.