PORTO @ Archivio Istituzionale della Ricerca

MAPPER is a system for enforcing user-specific policies based on the availability of access nodes that support the capability to dynamically load and execute processing modules on the data path. This work leverages a network access node that, after authenticating a connecting user, loads a set of lightweight virtual machines that process traffic terminated on the user device to implement articulated user-specific access policies. Specifically, we demonstrate how a man-in-the-middle-proxy module, dynamically and opportunistically combined with a module capable of mobile application identification, can implement complex access policies. The man-in-the-middle-proxy module enables MAPPER policies to be applied to both clear and HTTPS traffic, while an intelligent traffic classification system, provides support for policies based on over 250,000 mobile apps spanning both Android and iOS platforms.

MAPPER: A Mobile Application Personal Policy Enforcement Router for Enterprise Networks / Sapio, Amedeo; Baldi, Mario; Liao, Y.; Ranjan, G.; Risso, FULVIO GIOVANNI OTTAVIO; Tongaonkar, A.; Torres, R.; Nucci, A.. - STAMPA. - (2014), pp. 131-132. (Intervento presentato al convegno Third European Workshop on Software Defined Networks (EWSDN 2014) tenutosi a Budapest, Hungary nel September 2014) [10.1109/EWSDN.2014.9].

MAPPER: A Mobile Application Personal Policy Enforcement Router for Enterprise Networks

SAPIO, AMEDEO;BALDI, MARIO;RISSO, FULVIO GIOVANNI OTTAVIO;
2014

Abstract

MAPPER is a system for enforcing user-specific policies based on the availability of access nodes that support the capability to dynamically load and execute processing modules on the data path. This work leverages a network access node that, after authenticating a connecting user, loads a set of lightweight virtual machines that process traffic terminated on the user device to implement articulated user-specific access policies. Specifically, we demonstrate how a man-in-the-middle-proxy module, dynamically and opportunistically combined with a module capable of mobile application identification, can implement complex access policies. The man-in-the-middle-proxy module enables MAPPER policies to be applied to both clear and HTTPS traffic, while an intelligent traffic classification system, provides support for policies based on over 250,000 mobile apps spanning both Android and iOS platforms.
2014
4.1 Contributo in Atti di convegno
File in questo prodotto:
File Dimensione Formato  
14EWSDN-MapperDemo.pdf

accesso aperto

Tipologia: 2. Post-print / Author's Accepted Manuscript
Licenza: PUBBLICO - Tutti i diritti riservati
Dimensione 133.52 kB
Formato Adobe PDF
Visualizza/Apri
133.52 kB Adobe PDF Visualizza/Apri
Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11583/2560943
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo