A Secure Middlebox Framework for Enabling Visibility Over Multiple Encryption Protocols
Network middleboxes provide the first line of defense for enterprise networks. Many of them typically inspect packet payload to filter malicious attack patterns. However, the widespread use of end-to-end cryptographic protocols designed to promote security and privacy, either inhibits deep packet inspection in the network or forces enterprises to use solutions that are not secure. This article introduces a complete framework for building secure and practical network middleboxes, called EVE, which enables visibility over encrypted traffic. EVE securely processes encrypted traffic using a combination of hardware-based trusted execution and software security technology. For enhanced programmability and security, EVE provides a high-level programming interface based on the Rust language. The high-level APIs of EVE provide security and significantly ease the development effort by hiding the details of cryptographic operations, enclave processing, TCP reassembly, and out-of-band key sharing. Our evaluation shows EVE supports diverse use cases with multiple encryption protocols in a secure fashion while delivering high performance.
- Issue Date
- 2020-12
- Language
- English
- Article Type
- Article
- Citation
IEEE-ACM TRANSACTIONS ON NETWORKING, v.28, no.6, pp.2727 - 2740
- ISSN
- 1063-6692
- Appears in Collection
- EE-Journal Papers(저널논문)
- Files in This Item
- There are no files associated with this item.
This item is cited by other documents in WoS
| ⊙ Detail Information in WoSⓡ | Click to see |  |
| ⊙ Cited 8 items in WoS | Click to see citing articles in |  |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.