Note: ENDBOX: Scalable Middlebox Functions Using Client-Side Trusted Execution
ENDBOX enable secure networking by client-Side trusted execution.
What
ENDBOX is a scalable middlebox that enable secure networking by client-Side trusted execution.
Why
- Network attacks -> Operators use middleboxes to improve network performance and security -> High costs.
- Problems of Current Middleboxes:
- Centralized hardware -> expensive, vulnerable, limited scalability.
- Offloading to cloud services -> higher complexity and latency, requires trust in cloud provider, processing of encrypted traffic problematic.
- Client-Side Middleboxes Functionality has problems -> Leverage trusted execution
- Both users and client machines cannot be trusted.
- Users are forced to use middlebox function.
How
- Shifting Middleboxes to clients.
- Middlebox functions run inside enclave.
- Route packets through SGX enclaves using VPN tunnel.
Some Detail
- Middleboxes: a computer networking device that transforms, inspects, filters, or otherwise manipulates traffic for purposes other than packet forwarding.
- Using OpenVPN v2.4.0 & Click Modular Router for compare in multiple use cases:
- Forwarding (FOR)
- Firewall (FW)
- Intrusion Prevention (IDPS)
- Load balancer (LB)
- DDoS protection (DDoS)
- Evaluation:
- Throughput: Different packet size compare.
- CPU usage & Throughput: Different clients number.
Note: ENDBOX: Scalable Middlebox Functions Using Client-Side Trusted Execution的更多相关文章
- SAP NOTE 1999997 - FAQ: SAP HANA Memory
Symptom You have questions related to the SAP HANA memory. You experience a high memory utilization ...
- Linux下的C Socket编程 -- 简介与client端的处理
Linux下的C Socket编程(一) 介绍 Socket是进程间通信的方式之一,是进程间的通信.这里说的进程并不一定是在同一台机器上也有可能是通过网络连接的不同机器上.只要他们之间建立起了sock ...
- go微服务框架kratos学习笔记四(kratos warden-quickstart warden-direct方式client调用)
目录 go微服务框架kratos学习笔记四(kratos warden-quickstart warden-direct方式client调用) warden direct demo-server gr ...
- Caching Tutorial
for Web Authors and Webmasters This is an informational document. Although technical in nature, it a ...
- (转) [it-ebooks]电子书列表
[it-ebooks]电子书列表 [2014]: Learning Objective-C by Developing iPhone Games || Leverage Xcode and Obj ...
- squid源码安装下的conf文件默认值和提示
# WELCOME TO SQUID 3.0.STABLE26# ----------------------------## This is the default Squid c ...
- Hadoop官方文档翻译——MapReduce Tutorial
MapReduce Tutorial(个人指导) Purpose(目的) Prerequisites(必备条件) Overview(综述) Inputs and Outputs(输入输出) MapRe ...
- OpenMP初步(英文)
Beginning OpenMP OpenMP provides a straight-forward interface to write software that can use multipl ...
- Linux下Nagios的安装与配置
一.本文说明 本文是在参考:http://www.cnblogs.com/mchina/archive/2013/02/20/2883404.html David_Tang文章以及网上的一些资料完 ...
随机推荐
- 现有exe转为服务_方式01
1.安装X.exe服务: ...>路径\X.exe /install 2.卸载X.exe服务: ...>路径\X.exe /uninstall 3.开始运行XX(程序是X.exe,服务名是 ...
- 数据分析第三篇:Numpy知识点
Numpy 将字符型数据转为datetime import numpy as np f = np.array([','2019-01-01','2019-01-02 01:01:01']) # 把f数 ...
- node 渲染html模板配置
node 渲染html模板配置 安装swig模块 npm install swig--save - dev 加载swig模块 var swig = require('swig'); 模板配置 //第一 ...
- JavaWeb中文件的上传和下载
JavaWeb中文件的上传和下载 转自: JavaWeb学习总结(五十)——文件上传和下载 - 孤傲苍狼 - 博客园https://www.cnblogs.com/xdp-gacl/p/4200090 ...
- Selenium-多窗口处理
弹出新的窗口,该如何处理 1.获取当前窗口句柄 2.元素的操作,打开新的窗口 3.获取所有窗口句柄 4.for循环遍历所有窗口,定位到需要操作的窗口上 和你当前句柄不一样的就说明是新的,通过打印tit ...
- Python基础-os、sys模块
一,os模块import os ,sysos.system('ipconfig')#执行操作系统命令,获取不到返回结果 os.popen()#也可以执行操作系统命令,可以返回命令执行结果,但需要rea ...
- java_面试_01_一个月的面试总结(java)
重点知识 由于我面试的JAVA开发工程师,针对于JAVA,需要理解的重点内容有: JVM内存管理机制和垃圾回收机制(基本每次面试都会问,一定要搞得透彻) JVM内存调优(了解是怎么回事,一般做项目过程 ...
- JS判断2个时间是否在同一周
function isSameWeek(old, now) { var oneDayTime = 1000 * 60 * 60 * 24; var old_count = parseInt(+old ...
- BEC listen and translation exercise 42
These were built for the workers towards the end of the eighteenth century, and they are still furni ...
- linux apt-get remove如何恢复
linux卸载或删除软件时,若不小心删除到关联的软件,如果想撤销删除操作需要在/var/log/apt/history.log中依次安装删除的软件,具体操作如下: $echo '#!/bin/bash ...