在BYOD设备的中间箱中选择HTTPS流量操作

Xing Liu, Feng Qian, Zhiyun Qian
{"title":"在BYOD设备的中间箱中选择HTTPS流量操作","authors":"Xing Liu, Feng Qian, Zhiyun Qian","doi":"10.1109/ICNP.2017.8117557","DOIUrl":null,"url":null,"abstract":"HTTPS has become a vital component of the WWW ecosystem. However, today's application-layer middleboxes in the cloud are largely “blind” to HTTPS traffic. We propose a novel system infrastructural solution, called CloudEye, that allows middleboxes to selectively manipulate HTTPS traffic. A key design philosophy of CloudEye is to hide all the complexity from client and server applications (thus being transparent to them) and to have middlebox-related functions managed by a dedicated OS service. CloudEye provides control of what information the middlebox can access through new techniques such as HTTPS tags and shadow connections, without changing the TLS/SSL or HTTP protocol. CloudEye is secure and easy to use. We implemented its prototype on Linux/Android, and demonstrated its low overhead and rich use cases on off-the-shelf mobile devices and cloud servers.","PeriodicalId":6462,"journal":{"name":"2017 IEEE 25th International Conference on Network Protocols (ICNP)","volume":"52 1","pages":"1-10"},"PeriodicalIF":0.0000,"publicationDate":"2017-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"Selective HTTPS traffic manipulation at middleboxes for BYOD devices\",\"authors\":\"Xing Liu, Feng Qian, Zhiyun Qian\",\"doi\":\"10.1109/ICNP.2017.8117557\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"HTTPS has become a vital component of the WWW ecosystem. However, today's application-layer middleboxes in the cloud are largely “blind” to HTTPS traffic. We propose a novel system infrastructural solution, called CloudEye, that allows middleboxes to selectively manipulate HTTPS traffic. A key design philosophy of CloudEye is to hide all the complexity from client and server applications (thus being transparent to them) and to have middlebox-related functions managed by a dedicated OS service. CloudEye provides control of what information the middlebox can access through new techniques such as HTTPS tags and shadow connections, without changing the TLS/SSL or HTTP protocol. CloudEye is secure and easy to use. We implemented its prototype on Linux/Android, and demonstrated its low overhead and rich use cases on off-the-shelf mobile devices and cloud servers.\",\"PeriodicalId\":6462,\"journal\":{\"name\":\"2017 IEEE 25th International Conference on Network Protocols (ICNP)\",\"volume\":\"52 1\",\"pages\":\"1-10\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-10-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 IEEE 25th International Conference on Network Protocols (ICNP)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICNP.2017.8117557\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 IEEE 25th International Conference on Network Protocols (ICNP)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICNP.2017.8117557","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 3

摘要

HTTPS已经成为WWW生态系统的重要组成部分。然而,今天云中的应用层中间层在很大程度上对HTTPS流量“视而不见”。我们提出了一种新的系统基础设施解决方案,称为CloudEye,它允许中间箱有选择地操纵HTTPS流量。CloudEye的一个关键设计理念是对客户端和服务器应用程序隐藏所有的复杂性(因此对它们是透明的),并由专用的操作系统服务管理与中间件相关的功能。CloudEye控制中间层可以通过HTTPS标签和影子连接等新技术访问哪些信息,而无需更改TLS/SSL或HTTP协议。CloudEye安全且易于使用。我们在Linux/Android上实现了它的原型,并在现成的移动设备和云服务器上展示了它的低开销和丰富的用例。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
Selective HTTPS traffic manipulation at middleboxes for BYOD devices
HTTPS has become a vital component of the WWW ecosystem. However, today's application-layer middleboxes in the cloud are largely “blind” to HTTPS traffic. We propose a novel system infrastructural solution, called CloudEye, that allows middleboxes to selectively manipulate HTTPS traffic. A key design philosophy of CloudEye is to hide all the complexity from client and server applications (thus being transparent to them) and to have middlebox-related functions managed by a dedicated OS service. CloudEye provides control of what information the middlebox can access through new techniques such as HTTPS tags and shadow connections, without changing the TLS/SSL or HTTP protocol. CloudEye is secure and easy to use. We implemented its prototype on Linux/Android, and demonstrated its low overhead and rich use cases on off-the-shelf mobile devices and cloud servers.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信