LightBox: SGX-assisted Secure Network Functions at Near-native Speed
@article{Duan2017LightBoxSS, title={LightBox: SGX-assisted Secure Network Functions at Near-native Speed}, author={Huayi Duan and Xingliang Yuan and C. Wang}, journal={ArXiv}, year={2017}, volume={abs/1706.06261} }
The recent trend of outsourcing network functions, aka. middleboxes, raises confidentiality and integrity concern on redirected packet, runtime state, and processing result. The outsourced middleboxes must be protected against cyber attacks and malicious service provider. It is challenging to simultaneously achieve strong security, practical performance, complete functionality and compatibility. Prior software-centric approaches relying on customized cryptographic primitives fall short of… CONTINUE READING
Figures, Tables, and Topics from this paper
22 Citations
EndBox: Scalable Middlebox Functions Using Client-Side Trusted Execution
- Computer Science
- 2018 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)
- 2018
- 19
- PDF
vEPC-sec: Securing LTE Network Functions Virtualization on Public Cloud
- Computer Science
- IEEE Transactions on Information Forensics and Security
- 2019
- 4
- PDF
Aurora: Providing Trusted System Services for Enclaves On an Untrusted System
- Computer Science
- ArXiv
- 2018
- 6
- PDF
PrivDPI: Privacy-Preserving Encrypted Traffic Inspection with Reusable Obfuscated Rules
- Computer Science
- CCS
- 2019
- 4
A Survey of Privacy-Preserving Techniques for Encrypted Traffic Inspection over Network Middleboxes
- Computer Science
- ArXiv
- 2021
- Highly Influenced
- PDF
Assuring String Pattern Matching in Outsourced Middleboxes
- Computer Science
- IEEE/ACM Transactions on Networking
- 2018
- 3
Toward Scalable Fully Homomorphic Encryption Through Light Trusted Computing Assistance
- Computer Science
- ArXiv
- 2019
- 2
- PDF
References
SHOWING 1-10 OF 56 REFERENCES
Multi-Context TLS (mcTLS): Enabling Secure In-Network Functionality in TLS
- Computer Science
- SIGCOMM
- 2015
- 117
- PDF
Privacy-preserving deep packet inspection in outsourced middleboxes
- Computer Science
- IEEE INFOCOM 2016 - The 35th Annual IEEE International Conference on Computer Communications
- 2016
- 39
Private Processing of Outsourced Network Functions: Feasibility and Constructions
- Computer Science
- SDN-NFV@CODASPY
- 2016
- 28
- PDF
SplitBox: Toward Efficient Private Network Function Virtualization
- Computer Science
- HotMIddlebox '16
- 2016
- 33
- Highly Influential
- PDF
A First Step Towards Leveraging Commodity Trusted Execution Environments for Network Applications
- Computer Science
- HotNets
- 2015
- 62
- PDF
Privacy-preserving Network Functionality Outsourcing
- Computer Science
- ArXiv
- 2015
- 18
- Highly Influential
- PDF
Embark: Securely Outsourcing Middleboxes to the Cloud
- Computer Science
- NSDI
- 2016
- 84
- Highly Influential
- PDF
STEALTHMEM: System-Level Protection Against Cache-Based Side Channel Attacks in the Cloud
- Computer Science
- USENIX Security Symposium
- 2012
- 290
- PDF