{"title":"用QoS2实现HTTPS和中间框的安全游乐场","authors":"Zhenyu Zhou, Theophilus A. Benson","doi":"10.1145/2785989.2785998","DOIUrl":null,"url":null,"abstract":"With the increasing concern for network security and privacy, adoption of HTTPS has sky-rocket, with over 50% of traffic flows employing HTTPS. Unfortunately by encrypting the data, HTTPS eliminates the benefits provided by Middle-boxes such as proxies and caches. We claim that these limitations, highlight the need for alternative mechanisms for quickly and safely viewing websites: QoS2. QoS2 argues for fine-grained identification of common web-content and user-specific content, which are then deliver over either HTTP or HTTPS respectively. The main challenge in enabling a framework, such as QoS2, lies in ensuring that security is not compromised, namely vulnerability to Man in the Middle attacks. QoS2 overcomes such attacks, by judiciously employing object level checksums which are sent exclusively over the HTTPS connection. To quantify the benefits of QoS2, we have manually tagged the content for a number of sites and emulated an QoS2 server: initial results are promising with QoS2 providing 20%-70% speed up over traditional HTTPS.","PeriodicalId":429815,"journal":{"name":"Proceedings of the 2015 ACM SIGCOMM Workshop on Hot Topics in Middleboxes and Network Function Virtualization","volume":"136 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-08-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"14","resultStr":"{\"title\":\"Towards a Safe Playground for HTTPS and Middle Boxes with QoS2\",\"authors\":\"Zhenyu Zhou, Theophilus A. Benson\",\"doi\":\"10.1145/2785989.2785998\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"With the increasing concern for network security and privacy, adoption of HTTPS has sky-rocket, with over 50% of traffic flows employing HTTPS. Unfortunately by encrypting the data, HTTPS eliminates the benefits provided by Middle-boxes such as proxies and caches. We claim that these limitations, highlight the need for alternative mechanisms for quickly and safely viewing websites: QoS2. QoS2 argues for fine-grained identification of common web-content and user-specific content, which are then deliver over either HTTP or HTTPS respectively. The main challenge in enabling a framework, such as QoS2, lies in ensuring that security is not compromised, namely vulnerability to Man in the Middle attacks. QoS2 overcomes such attacks, by judiciously employing object level checksums which are sent exclusively over the HTTPS connection. To quantify the benefits of QoS2, we have manually tagged the content for a number of sites and emulated an QoS2 server: initial results are promising with QoS2 providing 20%-70% speed up over traditional HTTPS.\",\"PeriodicalId\":429815,\"journal\":{\"name\":\"Proceedings of the 2015 ACM SIGCOMM Workshop on Hot Topics in Middleboxes and Network Function Virtualization\",\"volume\":\"136 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-08-21\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"14\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 2015 ACM SIGCOMM Workshop on Hot Topics in Middleboxes and Network Function Virtualization\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/2785989.2785998\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2015 ACM SIGCOMM Workshop on Hot Topics in Middleboxes and Network Function Virtualization","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2785989.2785998","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Towards a Safe Playground for HTTPS and Middle Boxes with QoS2
With the increasing concern for network security and privacy, adoption of HTTPS has sky-rocket, with over 50% of traffic flows employing HTTPS. Unfortunately by encrypting the data, HTTPS eliminates the benefits provided by Middle-boxes such as proxies and caches. We claim that these limitations, highlight the need for alternative mechanisms for quickly and safely viewing websites: QoS2. QoS2 argues for fine-grained identification of common web-content and user-specific content, which are then deliver over either HTTP or HTTPS respectively. The main challenge in enabling a framework, such as QoS2, lies in ensuring that security is not compromised, namely vulnerability to Man in the Middle attacks. QoS2 overcomes such attacks, by judiciously employing object level checksums which are sent exclusively over the HTTPS connection. To quantify the benefits of QoS2, we have manually tagged the content for a number of sites and emulated an QoS2 server: initial results are promising with QoS2 providing 20%-70% speed up over traditional HTTPS.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
