Bryan Parno, Zongwei Zhou, and Adrian Perrig
As hardware support for improved endhost security becomes ubiquitous, it is important to consider how network security and performance can benefit from these improvements. If portions of each endhost can be trusted, then network infrastructure no longer needs to arduously and imprecisely reconstruct data already known by the endhosts. Through the design of a general-purpose architecture we call Assayer, we explore issues in providing trusted host-based data, including the balance between useful data and user privacy, and the tradeoffs between security and efficiency. We also evaluate the usefulness of such information in several case studies. We implement and evaluate a basic Assayer prototype. Our prototype requires fewer than 1,000 lines of code on the endhost. Endhosts can annotate their outbound traffic in a few microseconds, and these annotations can be checked efficiently; even packet-level annotations on a gigabit link can be checked with a loss in throughput of only 13.1%.
In Invited Paper - ACM Workshop on Scalable Trusted Computing (STC)