DC Field | Value | Language |
---|---|---|
dc.contributor.author | Han, Juhyeng | ko |
dc.contributor.author | Kim, Seongmin | ko |
dc.contributor.author | Cho, Daeyang | ko |
dc.contributor.author | Choi, Byungkwon | ko |
dc.contributor.author | Ha, Jaehyeong | ko |
dc.contributor.author | Han, Dongsu | ko |
dc.date.accessioned | 2021-01-04T01:50:07Z | - |
dc.date.available | 2021-01-04T01:50:07Z | - |
dc.date.created | 2020-10-12 | - |
dc.date.issued | 2020-12 | - |
dc.identifier.citation | IEEE-ACM TRANSACTIONS ON NETWORKING, v.28, no.6, pp.2727 - 2740 | - |
dc.identifier.issn | 1063-6692 | - |
dc.identifier.uri | http://hdl.handle.net/10203/279425 | - |
dc.description.abstract | Network middleboxes provide the first line of defense for enterprise networks. Many of them typically inspect packet payload to filter malicious attack patterns. However, the widespread use of end-to-end cryptographic protocols designed to promote security and privacy either inhibits deep packet inspection in the network or forces enterprises to use solutions that are not secure. This article introduces a complete framework for building secure and practical network middleboxes, called EVE, which enables visibility over encrypted traffic. EVE securely processes encrypted traffic using a combination of hardware-based trusted execution and software security technology. For enhanced programmability and security, EVE provides a high-level programming interface based on the Rust language. The high-level APIs of EVE provide security and significantly ease the development effort by hiding the details of cryptographic operations, enclave processing, TCP reassembly, and out-of-band key sharing. Our evaluation shows EVE supports diverse use cases with multiple encryption protocols in a secure fashion while delivering high performance. | - |
dc.language | English | - |
dc.publisher | IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC | - |
dc.title | A Secure Middlebox Framework for Enabling Visibility Over Multiple Encryption Protocols | - |
dc.type | Article | - |
dc.identifier.wosid | 000600288500025 | - |
dc.identifier.scopusid | 2-s2.0-85090444738 | - |
dc.type.rims | ART | - |
dc.citation.volume | 28 | - |
dc.citation.issue | 6 | - |
dc.citation.beginningpage | 2727 | - |
dc.citation.endingpage | 2740 | - |
dc.citation.publicationname | IEEE-ACM TRANSACTIONS ON NETWORKING | - |
dc.identifier.doi | 10.1109/TNET.2020.3016785 | - |
dc.contributor.localauthor | Han, Dongsu | - |
dc.contributor.nonIdAuthor | Kim, Seongmin | - |
dc.contributor.nonIdAuthor | Ha, Jaehyeong | - |
dc.description.isOpenAccess | N | - |
dc.type.journalArticle | Article | - |
dc.subject.keywordAuthor | Middleboxes | - |
dc.subject.keywordAuthor | Encryption | - |
dc.subject.keywordAuthor | Protocols | - |
dc.subject.keywordAuthor | Programming | - |
dc.subject.keywordAuthor | Servers | - |
dc.subject.keywordAuthor | Network middleboxes | - |
dc.subject.keywordAuthor | encryption protocols | - |
dc.subject.keywordAuthor | trusted execution environment (TEE) | - |
dc.subject.keywordAuthor | deep packet inspection | - |
dc.subject.keywordPlus | INTERNET | - |
dc.subject.keywordPlus | SYSTEM | - |