MAPPER: A Mobile Application Personal Policy Enforcement Router for Enterprise Networks

Sapio, Amedeo; Baldi, Mario; Liao, Y.; Ranjan, G.; Risso, FULVIO GIOVANNI OTTAVIO; Tongaonkar, A.; Torres, R.; Nucci, A.

doi:10.1109/EWSDN.2014.9

PORTO @ Archivio Istituzionale della Ricerca

IRIS è la soluzione IT che facilita la raccolta e la gestione dei dati relativi alle attività e ai prodotti della ricerca. Fornisce a ricercatori, amministratori e valutatori gli strumenti per monitorare i risultati della ricerca, aumentarne la visibilità e allocare in modo efficace le risorse disponibili.

MAPPER is a system for enforcing user-specific policies based on the availability of access nodes that support the capability to dynamically load and execute processing modules on the data path. This work leverages a network access node that, after authenticating a connecting user, loads a set of lightweight virtual machines that process traffic terminated on the user device to implement articulated user-specific access policies. Specifically, we demonstrate how a man-in-the-middle-proxy module, dynamically and opportunistically combined with a module capable of mobile application identification, can implement complex access policies. The man-in-the-middle-proxy module enables MAPPER policies to be applied to both clear and HTTPS traffic, while an intelligent traffic classification system, provides support for policies based on over 250,000 mobile apps spanning both Android and iOS platforms.

Titolo:	MAPPER: A Mobile Application Personal Policy Enforcement Router for Enterprise Networks
Autori:	SAPIO, AMEDEO BALDI, MARIO Liao Y. Ranjan G. RISSO, FULVIO GIOVANNI OTTAVIO Tongaonkar A. Torres R. Nucci A. mostra contributor esterni nascondi contributor esterni
Data di pubblicazione:	2014
Abstract:	MAPPER is a system for enforcing user-specific policies based on the availability of access nodes... that support the capability to dynamically load and execute processing modules on the data path. This work leverages a network access node that, after authenticating a connecting user, loads a set of lightweight virtual machines that process traffic terminated on the user device to implement articulated user-specific access policies. Specifically, we demonstrate how a man-in-the-middle-proxy module, dynamically and opportunistically combined with a module capable of mobile application identification, can implement complex access policies. The man-in-the-middle-proxy module enables MAPPER policies to be applied to both clear and HTTPS traffic, while an intelligent traffic classification system, provides support for policies based on over 250,000 mobile apps spanning both Android and iOS platforms.
Appare nelle tipologie:	4.1 Contributo in Atti di convegno

File in questo prodotto:

File	Descrizione	Tipologia	Licenza
14EWSDN-MapperDemo-published.pdf		2. Post-print	Non Pubblico - Accesso privato/ristretto	Administrator Richiedi una copia
14EWSDN-MapperDemo.pdf		2. Post-print	PUBBLICO - Tutti i diritti riservati	Visibile a tuttiVisualizza/Apri

Utilizza questo identificativo per citare o creare un link a questo documento:
http://hdl.handle.net/11583/2560943

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.