Network Convergence & Security Laboratory

 

Middleboxes that process confidential data cannot be securely
deployed in untrusted cloud environments. To securely
outsource middleboxes to the cloud, state-of-the-art
systems advocate network processing over the encrypted
traffic. Unfortunately, these systems support only restrictive
functionalities, and incur prohibitively high overheads.
This motivated the design of ShieldBox—a secure middlebox
framework for deploying high-performance network
functions (NFs) over untrusted commodity servers. Shield-
Box securely processes encrypted traffic inside a secure container
by leveraging shielded execution. More specifically,
ShieldBox builds on hardware-assisted memory protection
based on Intel SGX to provide strong confidentiality and
integrity guarantees. For middlebox developers, ShieldBox
exposes a generic interface based on Click to design and
implement a wide-range of NFs using its out-of-the-box elements
and C++ extensions. For network operators, ShieldBox
provides configuration and attestation service for seamless
and verifiable deployment of middleboxes. We have implemented
ShieldBox supporting important end-to-end features
required for secure network processing, and performance optimizations.
Our extensive evaluation shows that ShieldBox
achieves a near-native throughput and latency to securely
process confidential data at line rate.

제목 작성자 추천수 조회수 작성
[2020.08.18] BLAG- Improving the Accuracy of Blacklists file mhkang 0 96 2020-08-18 [2020.08.18] BLAG- Improving the Accuracy of Blacklists file
mhkang 2020-08-18 96 0
[2020.08.11] Virtualized Congestion Control file jhsong 0 84 2020-08-11 [2020.08.11] Virtualized Congestion Control file
jhsong 2020-08-11 84 0
[2020.08.04] Encrypted DNS → Privacy? A Traffic Analysis Perspective file hmlee 0 92 2020-08-03 [2020.08.04] Encrypted DNS → Privacy? A Traffic Analysis Perspective file
hmlee 2020-08-03 92 0
[2020.07.28] AviC: A Cache for Adaptive Bitrate Video file dhson 0 94 2020-07-28 [2020.07.28] AviC: A Cache for Adaptive Bitrate Video file
dhson 2020-07-28 94 0
ShieldBox : Secure Middleboxes using Shielded Execution file mkpark 0 90 2020-07-21 ShieldBox : Secure Middleboxes using Shielded Execution file
mkpark 2020-07-21 90 0
[2020.07.14] Let's Encrypt: An Automated Certificate Authority to Encrypt the Entire Web file jhlee2019 0 95 2020-07-14 [2020.07.14] Let's Encrypt: An Automated Certificate Authority to Encrypt the Entire Web file
jhlee2019 2020-07-14 95 0
[2020.07.07] Facebook Ads Monitor: An Independent Auditing System for Political Ads on Facebook file slchun 0 99 2020-07-07 [2020.07.07] Facebook Ads Monitor: An Independent Auditing System for Political Ads on Facebook file
slchun 2020-07-07 99 0
[2020.07.01] A Deep Dive into DNS Query Failures file hwlee2014 0 89 2020-07-01 [2020.07.01] A Deep Dive into DNS Query Failures file
hwlee2014 2020-07-01 89 0
[2020.06.24] DNS Cache-Based User Tracking file syseok 0 104 2020-06-24 [2020.06.24] DNS Cache-Based User Tracking file
syseok 2020-06-24 104 0
[2020.06.10] Carnus: Exploring the Privacy Threats of Browser Extension Fingerprinting file ykjung 0 119 2020-06-10 [2020.06.10] Carnus: Exploring the Privacy Threats of Browser Extension Fingerprinting file
ykjung 2020-06-10 119 0