Trajectory sampling for direct traffic observation
IEEE/ACM Transactions on Networking (TON)
Performance debugging for distributed systems of black boxes
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Middleboxes no longer considered harmful
OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
TVDc: managing security in the trusted virtual datacenter
ACM SIGOPS Operating Systems Review
Detecting in-flight page changes with web tripwires
NSDI'08 Proceedings of the 5th USENIX Symposium on Networked Systems Design and Implementation
Packet-dropping adversary identification for data plane security
CoNEXT '08 Proceedings of the 2008 ACM CoNEXT Conference
SmartRE: an architecture for coordinated network-wide redundancy elimination
Proceedings of the ACM SIGCOMM 2009 conference on Data communication
Accountability in hosted virtual networks
Proceedings of the 1st ACM workshop on Virtualized infrastructure systems and architectures
Controlling data in the cloud: outsourcing computation without outsourcing control
Proceedings of the 2009 ACM workshop on Cloud computing security
PacketShader: a GPU-accelerated software router
Proceedings of the ACM SIGCOMM 2010 conference
Towards trusted cloud computing
HotCloud'09 Proceedings of the 2009 conference on Hot topics in cloud computing
CloudCmp: comparing public cloud providers
IMC '10 Proceedings of the 10th ACM SIGCOMM conference on Internet measurement
Verifiable network-performance measurements
Proceedings of the 6th International COnference
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
X-trace: a pervasive network tracing framework
NSDI'07 Proceedings of the 4th USENIX conference on Networked systems design & implementation
Principles of remote attestation
International Journal of Information Security - Special Issue:10th International Conference on Information and Communications Security (ICICS)
CloudNaaS: a cloud networking platform for enterprise applications
Proceedings of the 2nd ACM Symposium on Cloud Computing
Verifiable resource accounting for cloud computing services
Proceedings of the 3rd ACM workshop on Cloud computing security workshop
Verifying and enforcing network paths with icing
Proceedings of the Seventh COnference on emerging Networking EXperiments and Technologies
Multi-resource fair queueing for packet processing
Proceedings of the ACM SIGCOMM 2012 conference on Applications, technologies, architectures, and protocols for computer communication
Making middleboxes someone else's problem: network processing as a cloud service
Proceedings of the ACM SIGCOMM 2012 conference on Applications, technologies, architectures, and protocols for computer communication
Outsourcing network functionality
Proceedings of the first workshop on Hot topics in software defined networks
Towards verifiable resource accounting for outsourced computation
Proceedings of the 9th ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
FlowTags: enforcing network-wide policies in the presence of dynamic middlebox actions
Proceedings of the second ACM SIGCOMM workshop on Hot topics in software defined networking
A Hybrid Architecture for Interactive Verifiable Computation
SP '13 Proceedings of the 2013 IEEE Symposium on Security and Privacy
PacketCloud: an open platform for elastic in-network services
Proceedings of the eighth ACM international workshop on Mobility in the evolving internet architecture
| Hi-index | 0.00 |
Network function outsourcing (NFO) enables enterprises and small businesses to achieve the performance and security benefits offered by middleboxes (e.g., firewall, IDS) without incurring high equipment or operating costs that such functions entail. In order for this vision to fully take root, however, we argue that NFO customers must be able to verify that the service is operating as intended w.r.t.: (1) functionality (e.g., did the packets traverse the desired sequence of middlebox modules?); (2) performance (e.g., is the latency comparable to an "in-house" service?); and (3) accounting (e.g., are the CPU/memory consumption being accounted for correctly?). In this position paper, we formalize these requirements and present a high-level roadmap to address the challenges involved.