Harpocrates: Giving Out Your Secrets and Keeping Them Too

2018 IEEE/ACM Symposium on Edge Computing (SEC) Pub Date : 2018-10-01 DOI:10.1109/SEC.2018.00015

Rufaida Ahmed, Zirak Zaheer, Richard Li, R. Ricci

{"title":"Harpocrates: Giving Out Your Secrets and Keeping Them Too","authors":"Rufaida Ahmed, Zirak Zaheer, Richard Li, R. Ricci","doi":"10.1109/SEC.2018.00015","DOIUrl":null,"url":null,"abstract":"Content Distribution Networks (CDNs) offer websites and web services the ability to host content on servers that are near the edge of the network, close to users. Benefits of this arrangement include low latency, scalability, and resistance to Denial of Service attacks. Traditionally, CDNs have hosted primarily static content, but increasingly, there is an interest in pushing active computation to the edge as well. This active computation, which is similar in style to the \"server-less\" computing becoming popular in clouds, offers a wealth of new opportunities for web services to be-come faster and more scalable. With this opportunity, however, comes a much greater exposure to security threats. One is leakage of secret materials (such as keys, identities, etc.) that are accessed by these functions. Another is the possibility that sensitive calculations are not executed faithfully in the CDN; e.g. a modified version of the customer's code is run. In this paper, we present the design of Harpocrates, a framework that allows active code to be pushed from an origin webserver out to workers at the edge of a CDN. Harpocrates makes use of Intel's SGX technology to keep data private, and presents an environment similar to the JavaScript WebWorker API to simplify the process of code that can run on either origin servers or the CDN. We use Harpocrates to design a number of interesting services, including a service that generates and checks secure cookies within the CDN, and a framework that protects against denial-of-service attacks in a way that is customized to a specific website. We show that the framework performs well enough to be deployable in practice.","PeriodicalId":376439,"journal":{"name":"2018 IEEE/ACM Symposium on Edge Computing (SEC)","volume":"31 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"9","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 IEEE/ACM Symposium on Edge Computing (SEC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SEC.2018.00015","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 9

Abstract

Content Distribution Networks (CDNs) offer websites and web services the ability to host content on servers that are near the edge of the network, close to users. Benefits of this arrangement include low latency, scalability, and resistance to Denial of Service attacks. Traditionally, CDNs have hosted primarily static content, but increasingly, there is an interest in pushing active computation to the edge as well. This active computation, which is similar in style to the "server-less" computing becoming popular in clouds, offers a wealth of new opportunities for web services to be-come faster and more scalable. With this opportunity, however, comes a much greater exposure to security threats. One is leakage of secret materials (such as keys, identities, etc.) that are accessed by these functions. Another is the possibility that sensitive calculations are not executed faithfully in the CDN; e.g. a modified version of the customer's code is run. In this paper, we present the design of Harpocrates, a framework that allows active code to be pushed from an origin webserver out to workers at the edge of a CDN. Harpocrates makes use of Intel's SGX technology to keep data private, and presents an environment similar to the JavaScript WebWorker API to simplify the process of code that can run on either origin servers or the CDN. We use Harpocrates to design a number of interesting services, including a service that generates and checks secure cookies within the CDN, and a framework that protects against denial-of-service attacks in a way that is customized to a specific website. We show that the framework performs well enough to be deployable in practice.

查看原文本刊更多论文

哈波克拉底:说出你的秘密，也保守秘密

内容分发网络(cdn)为网站和web服务提供了在靠近网络边缘、靠近用户的服务器上托管内容的能力。这种安排的好处包括低延迟、可伸缩性和抵抗拒绝服务攻击。传统上，cdn主要托管静态内容，但越来越多的人对将活动计算推向边缘也感兴趣。这种主动计算在风格上类似于在云中流行的“无服务器”计算，它为web服务变得更快、更可扩展提供了大量新的机会。然而，有了这个机会，安全威胁的风险就大得多。一是这些函数访问的机密材料(如密钥、身份等)泄露。另一个是敏感的计算可能没有在CDN中忠实地执行;例如，运行客户代码的修改版本。在本文中，我们介绍了Harpocrates的设计，这是一个允许将活动代码从原始web服务器推送到CDN边缘的工作人员的框架。Harpocrates利用英特尔的SGX技术来保持数据的私密性，并提供了一个类似于JavaScript WebWorker API的环境，以简化可以在原始服务器或CDN上运行的代码过程。我们使用Harpocrates设计了许多有趣的服务，包括一个在CDN内生成和检查安全cookie的服务，以及一个针对特定网站定制的防止拒绝服务攻击的框架。我们展示了该框架的性能足够好，可以在实践中部署。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2018 IEEE/ACM Symposium on Edge Computing (SEC)

自引率

0.00%

发文量