SSL and TLS: designing and building secure systems
SSL and TLS: designing and building secure systems
CryptoManiac: a fast flexible architecture for secure communication
ISCA '01 Proceedings of the 28th annual international symposium on Computer architecture
Inside SSL: Accelerating Secure Transactions
IT Professional
AINA '03 Proceedings of the 17th International Conference on Advanced Information Networking and Applications
Adaptive Online Data Compression
HPDC '02 Proceedings of the 11th IEEE International Symposium on High Performance Distributed Computing
Architectural Impact of Secure Socket Layer on Internet Servers
ICCD '00 Proceedings of the 2000 IEEE International Conference on Computer Design: VLSI in Computers & Processors
NIST Net: a Linux-based network emulation tool
ACM SIGCOMM Computer Communication Review
ACM Transactions on Information and System Security (TISSEC)
Efficient end to end data exchange using configurable compression
ACM SIGOPS Operating Systems Review
A Hardware Architecture for Elliptic Curve Cryptography and Lossless Data Compression
CONIELECOMP '05 Proceedings of the 15th International Conference on Electronics, Communications and Computers
Adaptive On-the-Fly Compression
IEEE Transactions on Parallel and Distributed Systems
Performance analysis of TLS Web servers
ACM Transactions on Computer Systems (TOCS)
Improving secure server performance by re-balancing SSL/TLS handshakes
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
IMC '05 Proceedings of the 5th ACM SIGCOMM conference on Internet Measurement
Cryptographic strength of ssl/tls servers: current and recent practices
Proceedings of the 7th ACM SIGCOMM conference on Internet measurement
Anatomy and Performance of SSL Processing
ISPASS '05 Proceedings of the IEEE International Symposium on Performance Analysis of Systems and Software, 2005
Joint encryption and compression of correlated sources with side information
EURASIP Journal on Information Security
PipesFS: fast Linux I/O in the unix tradition
ACM SIGOPS Operating Systems Review - Research and developments in the Linux kernel
THEMIS: Towards Mutually Verifiable Billing Transactions in the Cloud Computing Environment
CLOUD '10 Proceedings of the 2010 IEEE 3rd International Conference on Cloud Computing
Proceedings of the ACM SIGCOMM 2010 conference
SSLShader: cheap SSL acceleration with commodity processors
Proceedings of the 8th USENIX conference on Networked systems design and implementation
Design of integrated multimedia compression and encryption systems
IEEE Transactions on Multimedia
Hi-index | 0.00 |
Emerging cloud services, including mobile offices, Web-based storage services, and content delivery services, run diverse workloads under various device platforms, networks, and cloud service providers. They have been realized on top of SSL/TLS, which is the de facto protocol for end-to-end secure communication over the Internet. In an attempt to achieve a cognitive SSL/TLS with heterogeneous environments (device, network, and cloud) and workload awareness, we thoroughly analyze SSL/TLS-based data communication and identify three critical mismatches in a conventional SSL/TLS-based data transmission. The first mismatch is the performance of loosely coupled encryption-compression and communication routines that lead to underutilized computation and communication resources. The second mismatch is that the conventional SSL/TLS only provides a static compression mode, irrespective of the dynamically changing status of each SSL/TLS connection and the computing power gap between the cloud service provider and diverse device platforms. The third is the memory allocation overhead due to frequent compression switching in the SSL/TLS. As a remedy to these rudimentary operations, we present a system called an Adaptive Cryptography Plugged Compression Network (ACCENT) for SSL/TLS-based cloud services. It is comprised of the following three novel mechanisms, each of which aims to provide an optimal SSL/TLS communication and maximize the network transfer performance of an SSL/TLS protocol stack: tightly-coupled threaded SSL/TLS coding, floating scale-based adaptive compression negotiation, and unified memory allocation for seamless compression switching. We implemented and tested the mechanisms in OpenSSL-1.0.0. ACCENT is integrated into the Web-interface layer and SSL/TLS-based secure storage service within a real cloud computing service, called iCubeCloud, as the key primitive for SSL/TLS-based data delivery over the Internet.