Web browser for delay-tolerant networks

Due to growth of the Internet, the number of devices increasing and the structure of networks becoming more complex, the problem of time delays during information transmissions has arisen. In environments with long transmission delays modern protocols may become inefficient or even useless. Delay-tolerant Networking (DTN) is one approach that allows to solve the problem of long transmission delay times. In the thesis, an approach to web access in such networks is proposed. The problem of data transmission in the networks with long delays is considered. Special methods exist for data transmission in computer networks. But traditional data transmission protocols do not work well in networks with long delays, e.g. when transmitting over long distances, such as in space, or when connectivity may be disrupted, such as in mobile networks. It is necessary, therefore, to replace TCP and to change the existing web protocol (Hypertext Transfer Protocol - HTTP) in order to allow HTTP data transmissions in DTN environments. In the thesis, HTTP is analyzed and an adaptation of HTTP to DTN environments, as proposed in earlier research, is reviewed and extended further. A client part is created and the implementation is described. The client allows solving the problem of HTTP over DTN usage. An open-source browser is modified and the necessary extensions are developed. The extensions allow to use the DTN transport protocol (i.e. the Bundle Protocol) as another option of transport other than TCP. The software module for a web browser is built on the Mozilla platform. It was shown that it is possible to create a browser to work in DTNs

S-FaaS: Trustworthy and Accountable Function-as-a-Service using Intel SGX

Function-as-a-Service (FaaS) is a recent and already very popular paradigm in cloud computing. The function provider need only specify the function to be run, usually in a high-level language like JavaScript, and the service provider orchestrates all the necessary infrastructure and software stacks. The function provider is only billed for the actual computational resources used by the function invocation. Compared to previous cloud paradigms, FaaS requires significantly more fine-grained resource measurement mechanisms, e.g. to measure compute time and memory usage of a single function invocation with sub-second accuracy. Thanks to the short duration and stateless nature of functions, and the availability of multiple open-source frameworks, FaaS enables non-traditional service providers e.g. individuals or data centers with spare capacity. However, this exacerbates the challenge of ensuring that resource consumption is measured accurately and reported reliably. It also raises the issues of ensuring computation is done correctly and minimizing the amount of information leaked to service providers. To address these challenges, we introduce S-FaaS, the first architecture and implementation of FaaS to provide strong security and accountability guarantees backed by Intel SGX. To match the dynamic event-driven nature of FaaS, our design introduces a new key distribution enclave and a novel transitive attestation protocol. A core contribution of S-FaaS is our set of resource measurement mechanisms that securely measure compute time inside an enclave, and actual memory allocations. We have integrated S-FaaS into the popular OpenWhisk FaaS framework. We evaluate the security of our architecture, the accuracy of our resource measurement mechanisms, and the performance of our implementation, showing that our resource measurement mechanisms add less than 6.3% latency on standardized benchmarks

Migrating SGX Enclaves with Persistent State

Hardware-supported security mechanisms like Intel Software Guard Extensions (SGX) provide strong security guarantees, which are particularly relevant in cloud settings. However, their reliance on physical hardware conflicts with cloud practices, like migration of VMs between physical platforms. For instance, the SGX trusted execution environment (enclave) is bound to a single physical CPU. Although prior work has proposed an effective mechanism to migrate an enclave's data memory, it overlooks the migration of persistent state, including sealed data and monotonic counters; the former risks data loss whilst the latter undermines the SGX security guarantees. We show how this can be exploited to mount attacks, and then propose an improved enclave migration approach guaranteeing the consistency of persistent state. Our software-only approach enables migratable sealed data and monotonic counters, maintains all SGX security guarantees, minimizes developer effort, and incurs negligible performance overhead

Proceedings of Seminar on Network Protocols in Operating Systems

The Linux networking stack tends to evolve rapidly, and while there are some excellent documentation written in the past, most of the past documentation gotten (at least partially) outdated over time. The seminar on Network Protocols in Operating Systems was arranged in Aalto University, fall 2012, Department of Communications and Networking to gain a better understanding of the current status of the networking implementation in the Linux kernel. The seminar had 10 participants and each participant was assigned a module from the Linux networking implementation, on which a short paper was to be written. This publications contain the final output of this work. The papers included in the publication are: Kurnikov, Arseny: Linux kernel application interface. Jaakkola, Antti: Implementation of transmission control protocol in Linux. Arianfar, Somaya: TCP’s congestion control implementation in Linux kernel. Budigere, Karthik: Linux implementation study of stream control transmission protocol. Khattak, Fida Ullah: The IPv4 implementation of Linux kernel stack. Boye, Magnus: Netfilter connection tracking and NAT implementation. Korhonen, Jouni: Mobile IPv6 Linux kernel and user space. Soininen, Jonne: Device agnostic network interface. Kalliola, Aapo: Network device drivers in Linux. Varis, Nuutti: Anatomy of a Linux bridge

Trusted Execution Environments in Cloud Computing

Cloud technologies have become ubiquitous, being widely used by a variety of users: from individuals to large corporations. Without a doubt, clouds offer major benefits that make them attractive, such as elasticity, scalability, availability, and reliability. However, users' data privacy and security are two main concerns when data is processed in the cloud. Currently, users have to trust cloud providers for processing their data securely, not disclosing it to third parties maliciously or by mistake, and applying best security practices. Largely this trust is based on the cloud provider's reputation: it is in the interest of cloud providers to take security seriously; otherwise, they may lose customers. However this trust model does not provide the technical means of security assurance.   Trusted Execution Environments (TEEs) can be used to change the situation. It is a very promising technology that enables secure computation on a remote host. Applying TEEs to cloud environments changes the trust model: customers no longer need to rely on the reputation of the cloud provider. The main reason is that a TEE provides the ability to execute arbitrary code in isolation from the underlying operating system or the hypervisor. Additionally, it is possible to remotely verify what code is running inside a TEE. The trust is based on the hardware and technically it is moved from the cloud provider to the hardware manufacturer.   This work addresses the following challenges when developing TEE applications and deploying TEEs in the cloud. First, how to build scalable applications while maintaining TEE security guarantees? Second, how to reconcile hardware-based TEEs with existing cloud practices? Third, how to utilize TEEs to provide trustworthy resource measurements in the cloud? The contributions of this dissertation are developing two scalable Trusted Applications for cloud environments, a TEE migration framework to support Virtual Machine migration in the cloud, and a secure resource measurement framework based on TEEs. The contributions form an important step forward towards a wider deployment of TEEs in the cloud that opens opportunities for cloud providers and their clients to benefit from assurance based on hardware and stronger security guarantees

SafeKeeper: Protecting Web Passwords using Trusted Execution Environments

Passwords are by far the most widely-used mechanism for authenticating users on the web, out-performing all competing solutions in terms of deployability (e.g. cost and compatibility). However, two critical security concerns are phishing and theft of password databases. These are exacerbated by users» tendency to reuse passwords across different services. Current solutions typically address only one of the two concerns, and do not protect passwords against rogue servers. Furthermore, they do not provide any verifiable evidence of their (server-side) adoption to users, and they face deployability challenges in terms of ease-of-use for end users, and/or costs for service providers. We present SafeKeeper, a novel and comprehensive solution to ensure secrecy of passwords in web authentication systems. Unlike previous approaches, SafeKeeper protects users» passwords against very strong adversaries, including external phishers as well as corrupted (rogue) servers. It is relatively inexpensive to deploy as it (i) uses widely available hardware-based trusted execution environments like Intel SGX, (ii) requires only minimal changes for integration into popular web platforms like WordPress, and (iii) imposes negligible performance overhead. We discuss several challenges in designing and implementing such a system, and how we overcome them. Via an 86-participant user study, systematic analysis and experiments, we show the usability, security and deployability of SafeKeeper, which is available as open-source.Peer reviewe

Using SafeKeeper to Protect Web Passwords

Although passwords are by far the most widely-used user authentication mechanism on the web, their security is threatened by password phishing and password database breaches. SafeKeeper is a system for protecting web passwords against very strong adversaries, including sophisticated phishers and compromised servers. Compared to other approaches, one of the key differentiating aspects of SafeKeeper is that it provides web users with verifiable assurance that their passwords are being protected. In this paper, we demonstrate precisely how SafeKeeper can be used to protect web passwords in real-world systems. We first explain two important deployability aspects: i) how SafeKeeper can be integrated into the popular WordPress platform, and ii) how ordinary web users can use Intel SGX remote attestation to verify that SafeKeeper is running on a particular server. We then describe three demonstrations to illustrate the use of SafeKeeper: i) showing the user experience when visiting a legitimate website; ii) showing the encryption of the password in transit via live packet-capture; and iii) showing how SafeKeeper performs in the presence of phishing.Peer reviewe