Yogesh Mundada

Learn More
We describe Trellis, a platform for hosting virtual networks on shared commodity hardware. Trellis allows each virtual network to define its own topology, control protocols, and forwarding tables, while amortizing costs by sharing the physical infrastructure. Trellis synthesizes two container-based virtualization technologies, VServer and NetNS, as well as(More)
Although cloud computing service providers offer opportunities for improving the administration, reliability, and maintenance of hosted services, they also concentrate network resources and data in a small number of cloud service providers. The concentration of data and resources also entails various associated risks, including sharing the underlying(More)
Enterprise networks are vulnerable to attacks ranging from data leaks to the spread of malware to insider threats. Previous defenses have largely focused on securing hosts; unfortunately, when hosts are compromised, these defenses become ineffective. Rather than attempting to harden the host against every possible attack (which is impractical) or(More)
Web applications can have vulnerabilities that result in server-side data leaks. Securing sensitive data from Web applications while ensuring reasonable performance and without requiring developers to rewrite entire applications is challenging. We present SilverLine, which prevents bulk data leaks caused due to code injection in Web applications as well as(More)
This paper surveys our ongoing work on the use of software-defined networking to simplify two acute policy problems in campus and enterprise network operations: access control and information flow control. We describe how the current coupling of high-level policy with low-level configuration makes these problems challenging today. We describe the specific(More)
Modern websites use multiple authentication cookies to allow visitors to the site different levels of access. The complexity of modern web applications can make it difficult for a web application programmer to ensure that the use of authentication cookies does not introduce vulnerabilities. Even when a programmer has access to all of the source code, this(More)
Computing in the cloud is becoming more common as companies migrate their applications into cloud computing platforms to reduce maintenance costs and increase availability. Cloud hosting platforms, such as Amazon’s EC2, provide a virtual hosting environment that is easy for a service provider to provision in response to dynamically changing demands. This(More)
Modern websites set multiple authentication cookies during the login process to allow users to remain authenticated over the duration of a web session. Web applications use cookiebased authentication to provide different levels of access and authorization; the complexity of websites’ code and various combinations of authentication cookies that allow such(More)
  • 1