We gratefully acknowledge support from
the Simons Foundation and member institutions.
Full-text links:

Download:

Current browse context:

cs.CR

Change to browse by:

cs

References & Citations

DBLP - CS Bibliography

Bookmark

(what is this?)
CiteULike logo BibSonomy logo Mendeley logo del.icio.us logo Digg logo Reddit logo ScienceWISE logo

Computer Science > Cryptography and Security

Title: HTTPA/2: a Trusted End-to-End Protocol for Web Services

Abstract: With the advent of cloud computing and the Internet, the commercialized website becomes capable of providing more web services, such as software as a service (SaaS) or function as a service (FaaS), for great user experiences. Undoubtedly, web services have been thriving in popularity that will continue growing to serve modern human life. As expected, there came the ineluctable need for preserving privacy, enhancing security, and building trust. However, HTTPS alone cannot provide a remote attestation for building trust with web services, which remains lacking in trust. At the same time, cloud computing is actively adopting the use of TEEs and will demand a web-based protocol for remote attestation with ease of use. Here, we propose HTTPA/2 as an upgraded version of HTTP-Attestable (HTTPA) by augmenting existing HTTP to enable end-to-end trusted communication between endpoints at layer 7 (L7). HTTPA/2 allows for L7 message protection without relying on TLS. In practice, HTTPA/2 is designed to be compatible with the in-network processing of the modern cloud infrastructure, including L7 gateway, L7 load balancer, caching, etc. We envision that \acs{httpa}/2 will further enable trustworthy web services and trustworthy AI applications in the future, accelerating the transformation of the web-based digital world to be more trustworthy.
Comments: 24 pages, 6 figures
Subjects: Cryptography and Security (cs.CR)
Cite as: arXiv:2205.01052 [cs.CR]
  (or arXiv:2205.01052v5 [cs.CR] for this version)

Submission history

From: Hans Wang [view email]
[v1] Mon, 2 May 2022 17:37:54 GMT (289kb,D)
[v2] Fri, 20 May 2022 18:51:44 GMT (291kb,D)
[v3] Wed, 15 Jun 2022 15:44:21 GMT (291kb,D)
[v4] Fri, 17 Jun 2022 21:37:12 GMT (316kb,D)
[v5] Sun, 25 Sep 2022 20:27:35 GMT (304kb,D)

Link back to: arXiv, form interface, contact.