Archivio Istituzionale della RicercaMAPPER is a system for enforcing user-specific policies based on the availability of access nodes that support the capability to dynamically load and execute processing modules on the data path. This work leverages a network access node that, after authenticating a connecting user, loads a set of lightweight virtual machines that process traffic terminated on the user device to implement articulated user-specific access policies. Specifically, we demonstrate how a man-in-the-middle-proxy module, dynamically and opportunistically combined with a module capable of mobile application identification, can implement complex access policies. The man-in-the-middle-proxy module enables MAPPER policies to be applied to both clear and HTTPS traffic, while an intelligent traffic classification system, provides support for policies based on over 250,000 mobile apps spanning both Android and iOS platforms.
MAPPER: A Mobile Application Personal Policy Enforcement Router for Enterprise Networks / Sapio, Amedeo; Baldi, Mario; Liao, Y.; Ranjan, G.; Risso, FULVIO GIOVANNI OTTAVIO; Tongaonkar, A.; Torres, R.; Nucci, A.. - STAMPA. - (2014), pp. 131-132. (Intervento presentato al convegno Third European Workshop on Software Defined Networks (EWSDN 2014) tenutosi a Budapest, Hungary nel September 2014) [10.1109/EWSDN.2014.9].
MAPPER: A Mobile Application Personal Policy Enforcement Router for Enterprise Networks
SAPIO, AMEDEO;BALDI, MARIO;RISSO, FULVIO GIOVANNI OTTAVIO;
2014
Abstract
MAPPER is a system for enforcing user-specific policies based on the availability of access nodes that support the capability to dynamically load and execute processing modules on the data path. This work leverages a network access node that, after authenticating a connecting user, loads a set of lightweight virtual machines that process traffic terminated on the user device to implement articulated user-specific access policies. Specifically, we demonstrate how a man-in-the-middle-proxy module, dynamically and opportunistically combined with a module capable of mobile application identification, can implement complex access policies. The man-in-the-middle-proxy module enables MAPPER policies to be applied to both clear and HTTPS traffic, while an intelligent traffic classification system, provides support for policies based on over 250,000 mobile apps spanning both Android and iOS platforms.
| File | Dimensione | Formato | |
|---|---|---|---|
|
14EWSDN-MapperDemo.pdf
accesso aperto
Tipologia:
2. Post-print / Author's Accepted Manuscript
Licenza:
PUBBLICO - Tutti i diritti riservati
Dimensione
133.52 kB
Formato
Adobe PDF
|
133.52 kB | Adobe PDF | Visualizza/Apri |
Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
https://hdl.handle.net/11583/2560943
Attenzione
Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo