Abstract
HTTPS has become a vital component of the WWW ecosystem. However, today's application-layer middleboxes in the cloud are largely 'blind' to HTTPS traffic. We propose a novel system infrastructural solution, called CloudEye, that allows middleboxes to selectively manipulate HTTPS traffic. A key design philosophy of CloudEye is to hide all the complexity from client and server applications (thus being transparent to them) and to have middlebox-related functions managed by a dedicated OS service. CloudEye provides control of what information the middlebox can access through new techniques such as HTTPS tags and shadow connections, without changing the TLS/SSL or HTTP protocol. CloudEye is secure and easy to use. We implemented its prototype on Linux/Android, and demonstrated its low overhead and rich use cases on off-the-shelf mobile devices and cloud servers.
| Original language | English (US) |
|---|---|
| Title of host publication | 2017 IEEE 25th International Conference on Network Protocols, ICNP 2017 |
| Publisher | IEEE Computer Society |
| ISBN (Electronic) | 9781509065011 |
| DOIs | |
| State | Published - Nov 21 2017 |
| Externally published | Yes |
| Event | 25th IEEE International Conference on Network Protocols, ICNP 2017 - Toronto, Canada Duration: Oct 10 2017 → Oct 13 2017 |
Publication series
| Name | Proceedings - International Conference on Network Protocols, ICNP |
|---|---|
| Volume | 2017-October |
| ISSN (Print) | 1092-1648 |
Other
| Other | 25th IEEE International Conference on Network Protocols, ICNP 2017 |
|---|---|
| Country/Territory | Canada |
| City | Toronto |
| Period | 10/10/17 → 10/13/17 |
Bibliographical note
Funding Information:We thank our anonymous reviewers for their comments. This work was supported in part by NSF Award #1618898.
Publisher Copyright:
© 2017 IEEE.