BlindBox: Deep packet inspection over encrypted traffic Sherry et al. SIGCOMM 2015 This is the final paper from the inaugural Research for Practice selections, and the third of Justine Sherry's three picks. The fundamental problem addressed is the same as we looked at yesterday: how do you accommodate middleboxes in HTTPS traffic? More specifically, this …
Year: 2016
Multi-context TLS (mcTLS): Enabling secure in-network functionality in TLS
Multi-Context TLS (mcTLS): Enabling secure in-network functionality in TLS Naylor et al. SIGCOMM 2015 We're rushing to deploy HTTPS everywhere - and about time - but this has interesting implications for middleboxes since it's hard for them to do their job when traffic is encrypted end-to-end. Say you want to add caching, compression, an intrusion …
E2: A framework for NFV applications
E2: A Framework for NFV Applications Palkar et al. SOSP 2015 Today we move into the second part of the Research for Practice article, which is a selection of papers from Justine Sherry on Network Function Virtualization. We start with 'E2,' which seeks to address the proliferation and duplication of network function (NF) specific management …
Shielding applications from an untrusted cloud with Haven
Shielding applications from an untrusted cloud with Haven Baumann et al. OSDI 2014 Our objective is to run existing server applications in the cloud with a level of trust and security roughly equivalent to a user operating their own hardware in a locked cage at a colocation facility. We're all familiar with the idea of …
IX: A protected dataplane operating system for high throughput and low latency
IX: A Protected Dataplane Operating System for High Throughput and Low Latency Belay et al. OSDI 2014 This is the second of Simon Peter's recommended papers in the 'Data Center OS Design' Research for Practice guide. Like Arrakis, IX splits the operating system into a control plane and data plane for networking. To quote Simon …
Arrakis: the operating system is the control plane
Arrakis: The Operating System is the Control Plane - Peter et al. OSDI 2014 ACM Queue just introduced their "Research for Practice" series with Peter Bailis. Each edition contains 'expert curated guides to the best of CS research,' and in the first instalment Simon Peter selects a set of papers on data-center operating system trends, …
Identifying and quantifying architectural debt
Identifying and quantifying architectural debt - Xiao et al., ICSE 2016 (Update: thanks to Lu Xiao for providing an open access version of this paper, the link above has now been updated to point to it.) So finally we have arrived at Xiao et al.'s 2016 ICSE paper (see the write-ups on Design Rule Spaces …
Hotspot Patterns: The formal definition and automatic detection of architecture smells
Hotspot Patterns: The formal definition and automatic detection of architecture smells - Mo et al. International Conference on Software Architecture, 2015 Yesterday we looked at Design Rule Spaces (DRSpaces) and how some design rule spaces seem to account for large numbers of the error-prone files within a project. Today's paper brings us up to date …
Design Rule Spaces: A new form of architectural insight
Design Rule Spaces: A new form of architectural insight - Xiao et al. ICSE '14 Continuing the theme of looking at ICSE 2016 papers, I want to share with you some interesting work by Xiao et al. on "Identifying and quantifying architectural debt." That paper however draws heavily on two previous works that it makes …
On the “naturalness” of buggy code
On the 'naturalness' of buggy code - Ray, Hellendoorn, et al. ICSE 2016 Last week we looked at a simpler approach to building static code checkers that, by understanding less about the overall code structure and just focusing in on the things that really mattered, was able to produce competitive results from very small checker …