ENDBOX enable secure networking by client-Side trusted execution.

What

ENDBOX is a scalable middlebox that enable secure networking by client-Side trusted execution.

Why

  • Network attacks -> Operators use middleboxes to improve network performance and security -> High costs.
  • Problems of Current Middleboxes:
    • Centralized hardware -> expensive, vulnerable, limited scalability.
    • Offloading to cloud services -> higher complexity and latency, requires trust in cloud provider, processing of encrypted traffic problematic.
  • Client-Side Middleboxes Functionality has problems -> Leverage trusted execution
    • Both users and client machines cannot be trusted.
    • Users are forced to use middlebox function.

How

  • Shifting Middleboxes to clients.
  • Middlebox functions run inside enclave.
  • Route packets through SGX enclaves using VPN tunnel.

Some Detail

  • Middleboxes: a computer networking device that transforms, inspects, filters, or otherwise manipulates traffic for purposes other than packet forwarding.
  • Using OpenVPN v2.4.0 & Click Modular Router for compare in multiple use cases:
    • Forwarding (FOR)
    • Firewall (FW)
    • Intrusion Prevention (IDPS)
    • Load balancer (LB)
    • DDoS protection (DDoS)
  • Evaluation:
    • Throughput: Different packet size compare.
    • CPU usage & Throughput: Different clients number.

Note: ENDBOX: Scalable Middlebox Functions Using Client-Side Trusted Execution的更多相关文章

  1. SAP NOTE 1999997 - FAQ: SAP HANA Memory

    Symptom You have questions related to the SAP HANA memory. You experience a high memory utilization ...

  2. Linux下的C Socket编程 -- 简介与client端的处理

    Linux下的C Socket编程(一) 介绍 Socket是进程间通信的方式之一,是进程间的通信.这里说的进程并不一定是在同一台机器上也有可能是通过网络连接的不同机器上.只要他们之间建立起了sock ...

  3. go微服务框架kratos学习笔记四(kratos warden-quickstart warden-direct方式client调用)

    目录 go微服务框架kratos学习笔记四(kratos warden-quickstart warden-direct方式client调用) warden direct demo-server gr ...

  4. Caching Tutorial

    for Web Authors and Webmasters This is an informational document. Although technical in nature, it a ...

  5. (转) [it-ebooks]电子书列表

    [it-ebooks]电子书列表   [2014]: Learning Objective-C by Developing iPhone Games || Leverage Xcode and Obj ...

  6. squid源码安装下的conf文件默认值和提示

    #    WELCOME TO SQUID 3.0.STABLE26#    ----------------------------##    This is the default Squid c ...

  7. Hadoop官方文档翻译——MapReduce Tutorial

    MapReduce Tutorial(个人指导) Purpose(目的) Prerequisites(必备条件) Overview(综述) Inputs and Outputs(输入输出) MapRe ...

  8. OpenMP初步(英文)

    Beginning OpenMP OpenMP provides a straight-forward interface to write software that can use multipl ...

  9. Linux下Nagios的安装与配置

    一.本文说明 本文是在参考:http://www.cnblogs.com/mchina/archive/2013/02/20/2883404.html   David_Tang文章以及网上的一些资料完 ...

随机推荐

  1. Ogre的Singleton实现-模版实现,便于重用-(详细分析)以及笔者的改进

    转自:http://www.cppblog.com/sandy/archive/2005/11/30/1436.html ;Root g_root;//must declare once only / ...

  2. 大话设计模式--适配器模式 Adapter -- C++实现实例

    1.适配器模式: 将一个类的接口转换为客户希望的另一个接口,使得原来由于接口不能一起工作的那些类一起工作. 适配器模式一般用于希望复用一些现存的类,但是接口又与复用环境要求不一致的情况. 适配器模式分 ...

  3. matlab对点云旋转平移

    1.显示茶壶点云 ptCloud = pcread('teapot.ply');figure(1)pcshow(ptCloud); title('Teapot'); 2.Create a transf ...

  4. C++的栈

    栈,是一种存储受限的线性数据结构,在存储和访问数据的时候只能访问栈的一端.栈类似于一摞盘子,只能拿去最上面的盘子,也只能把盘子放到最上面.由于这种特点,栈是一种后进先出(Last in / First ...

  5. jquery 实现智能炫酷的翻页相册效果

    jquery 实现智能炫酷的翻页相册效果巧妙的运用 Html 的文档属性,大大减少jquery 的代码量,实现了智能炫酷的翻页相册.兼容性很好,实现了代码与标签的完全分离​1. [代码]jquery ...

  6. Codeforces 897C Nephren gives a riddle:模拟【珂学】

    题目链接:http://codeforces.com/contest/897/problem/C 题意: 给你一些字符串: A: [What are you doing at the end of t ...

  7. mysql 使用过程中出现问题

    1. mysql_front连接报错,sql执行错误#3167的解决方案 提示:The 'INFORMATION_SCHEMA.SESSION_VARIABLES' feature is disabl ...

  8. Linux下重命名文件或文件夹(mv命令与rename命令)

    在Linux下重命名文件或目录,可以使用mv命令或rename命令 mv ———————————— mv命令既可以重命名,又可以移动文件或文件夹. 例子:将目录A重命名为B mv A B 例子:将/a ...

  9. hibernate复习第(三)天

    今日要点: 1.继承关系映射 一个表对应一个映射树(subclass) 一个子类一个表,子类只有父类没有的字段(joined-subclass) 鉴别器和内连接结合使用(subclass join) ...

  10. Java 集合常用特点

    1:集合:1) Collection(单列集合) ---------------------------------------------------------------------       ...