Add to ORKGAbstract Separation of control and data plane is a principle increasingly used to improve the performance of network protocols and applications, such as the Web. Use of security mechanisms, such as the SSL/TLS protocol, can negate these performance gains, since such mechanisms need to be located on the data path. We argue that the same principle of separation can be applied to security mechanisms, by removing the web server from the secure data path. We present a minimal operating system extension that can improve the performance of web servers using SSL/TLS by up to 27%. Our intuition is that protocol framing and cryptographic transforms can be applied to incoming and outgoing data frames by the operating system under a policy specified by...
Networking is enabling a continuum comprising cloud, edge and last-mile systems. This continuum allo...
Cryptographic transformations are a fundamental building block in many security applications and pro...
Automated runtime security adaptation has great potential in providing timely and fine grained secur...
Separation of control and data plane is a principle increasingly used to improve the performance of ...
Separation of control and data plane is a principle increasingly used to improve the performance of ...
Separation of control and data plane is a principle increasingly used to improve the performance of ...
We present a minimal extension to the BSD socket layer that can improve the performance of applicati...
The IP security protocols are sufficiently mature to benefit from multiple independent implementatio...
Along with the explosive growth of network data, security is becoming increasingly important for web...
Much of today’s distributed computing takes place in a client /server model. Despite advances in fau...
Sending documents containing sensitive information is commonly performed on distributed systems. To ...
Secure operating systems (secure OSes) are widely used to limit the damage caused by unauthorized ac...
An enhancement to TCP (Transmission Control Protocol) is proposed to give additional security betwee...
—The Transport Layer ensures that data is sent transparently between end-users while also enabling ...
The Internet is an insecure medium. The Secure Socket Layer (SSL) protocol and its successor Transpo...
Networking is enabling a continuum comprising cloud, edge and last-mile systems. This continuum allo...
Cryptographic transformations are a fundamental building block in many security applications and pro...
Automated runtime security adaptation has great potential in providing timely and fine grained secur...
Separation of control and data plane is a principle increasingly used to improve the performance of ...
Separation of control and data plane is a principle increasingly used to improve the performance of ...
Separation of control and data plane is a principle increasingly used to improve the performance of ...
We present a minimal extension to the BSD socket layer that can improve the performance of applicati...
The IP security protocols are sufficiently mature to benefit from multiple independent implementatio...
Along with the explosive growth of network data, security is becoming increasingly important for web...
Much of today’s distributed computing takes place in a client /server model. Despite advances in fau...
Sending documents containing sensitive information is commonly performed on distributed systems. To ...
Secure operating systems (secure OSes) are widely used to limit the damage caused by unauthorized ac...
An enhancement to TCP (Transmission Control Protocol) is proposed to give additional security betwee...
—The Transport Layer ensures that data is sent transparently between end-users while also enabling ...
The Internet is an insecure medium. The Secure Socket Layer (SSL) protocol and its successor Transpo...
Networking is enabling a continuum comprising cloud, edge and last-mile systems. This continuum allo...
Cryptographic transformations are a fundamental building block in many security applications and pro...
Automated runtime security adaptation has great potential in providing timely and fine grained secur...