LightBox: SGX-assisted Secure Network Functions at Near-native Speed

  title={LightBox: SGX-assisted Secure Network Functions at Near-native Speed},
  author={Huayi Duan and Xingliang Yuan and C. Wang},
  • Huayi Duan, Xingliang Yuan, C. Wang
  • Published 2017
  • Computer Science
  • ArXiv
  • The recent trend of outsourcing network functions, aka. middleboxes, raises confidentiality and integrity concern on redirected packet, runtime state, and processing result. The outsourced middleboxes must be protected against cyber attacks and malicious service provider. It is challenging to simultaneously achieve strong security, practical performance, complete functionality and compatibility. Prior software-centric approaches relying on customized cryptographic primitives fall short of… CONTINUE READING
    22 Citations
    Challenges Towards Protecting VNF With SGX
    • 1
    • PDF
    EndBox: Scalable Middlebox Functions Using Client-Side Trusted Execution
    • 19
    • PDF
    vEPC-sec: Securing LTE Network Functions Virtualization on Public Cloud
    • 4
    • PDF
    Fast privacy-preserving network function outsourcing
    • PDF
    Aurora: Providing Trusted System Services for Enclaves On an Untrusted System
    • 6
    • PDF
    A Survey of Privacy-Preserving Techniques for Encrypted Traffic Inspection over Network Middleboxes
    • Highly Influenced
    • PDF
    Assuring String Pattern Matching in Outsourced Middleboxes
    • 3
    Toward Scalable Fully Homomorphic Encryption Through Light Trusted Computing Assistance
    • 2
    • PDF
    TVIDS: Trusted virtual IDS with SGX


    Multi-Context TLS (mcTLS): Enabling Secure In-Network Functionality in TLS
    • 117
    • PDF
    Privacy-preserving deep packet inspection in outsourced middleboxes
    • 39
    Private Processing of Outsourced Network Functions: Feasibility and Constructions
    • 28
    • PDF
    SplitBox: Toward Efficient Private Network Function Virtualization
    • 33
    • Highly Influential
    • PDF
    A First Step Towards Leveraging Commodity Trusted Execution Environments for Network Applications
    • 62
    • PDF
    Privacy-preserving Network Functionality Outsourcing
    • 18
    • Highly Influential
    • PDF
    Embark: Securely Outsourcing Middleboxes to the Cloud
    • 84
    • Highly Influential
    • PDF
    STEALTHMEM: System-Level Protection Against Cache-Based Side Channel Attacks in the Cloud
    • 290
    • PDF
    S-NFV: Securing NFV states by using SGX
    • 78
    • PDF
    Shielding Applications from an Untrusted Cloud with Haven
    • 564
    • PDF