Ensuring content integrity for untrusted peer-to-peer content distribution networks
NSDI'07 Proceedings of the 4th USENIX conference on Networked systems design & implementation
| Hi-index | 0.00 |
Making the internet's edge easily extensible fosters collaboration and innovation on web-based applications, but also raises the problem of how to secure the execution platform. This paper presents Na Kika, an edge-side computing network, that addresses this tension between extensibility and security; it safely opens the internet's edge to all content producers and consumers. First, Na Kika expresses services as scripts, which are selected through predicates on HTTP messages and composed with each other into a pipeline of content processing steps. Second, Na Kika isolates individual scripts from each other and, instead of enforcing inflexible apriori quotas, limits resource consumption based on overall system congestion. Third, Na Kika expresses security policies through the same predicates as regular application functionality, with the result that policies are as easily extensible as hosted code and that enforcement is an integral aspect of content processing. Additionally, Na Kika leverages a structured overlay network to support cooperative caching and incremental deployment with low administrative overhead.