MAPPER is a system for enforcing user-specific policies based on the availability of access nodes that support the capability to dynamically load and execute processing modules on the data path. This work leverages a network access node that, after authenticating a connecting user, loads a set of lightweight virtual machines that process traffic terminated on the user device to implement articulated user-specific access policies. Specifically, we demonstrate how a man-in-the-middle-proxy module, dynamically and opportunistically combined with a module capable of mobile application identification, can implement complex access policies. The man-in-the-middle-proxy module enables MAPPER policies to be applied to both clear and HTTPS traffic, while an intelligent traffic classification system, provides support for policies based on over 250,000 mobile apps spanning both Android and iOS platforms.
MAPPER: A Mobile Application Personal Policy Enforcement Router for Enterprise Networks / Sapio A.; Baldi M.; Liao Y.; Ranjan G.; Risso F.; Tongaonkar A.; Torres R.; Nucci A.. - STAMPA. - (2014), pp. 131-132. ((Intervento presentato al convegno Third European Workshop on Software Defined Networks (EWSDN 2014) tenutosi a Budapest, Hungary nel September 2014 [10.1109/EWSDN.2014.9].
Titolo: | MAPPER: A Mobile Application Personal Policy Enforcement Router for Enterprise Networks | |
Autori: | ||
Data di pubblicazione: | 2014 | |
Abstract: | MAPPER is a system for enforcing user-specific policies based on the availability of access nodes... that support the capability to dynamically load and execute processing modules on the data path. This work leverages a network access node that, after authenticating a connecting user, loads a set of lightweight virtual machines that process traffic terminated on the user device to implement articulated user-specific access policies. Specifically, we demonstrate how a man-in-the-middle-proxy module, dynamically and opportunistically combined with a module capable of mobile application identification, can implement complex access policies. The man-in-the-middle-proxy module enables MAPPER policies to be applied to both clear and HTTPS traffic, while an intelligent traffic classification system, provides support for policies based on over 250,000 mobile apps spanning both Android and iOS platforms. | |
Appare nelle tipologie: | 4.1 Contributo in Atti di convegno |
File in questo prodotto:
File | Descrizione | Tipologia | Licenza | |
---|---|---|---|---|
14EWSDN-MapperDemo-published.pdf | 2. Post-print / Author's Accepted Manuscript | Non Pubblico - Accesso privato/ristretto | Administrator Richiedi una copia | |
14EWSDN-MapperDemo.pdf | 2. Post-print / Author's Accepted Manuscript | PUBBLICO - Tutti i diritti riservati | Visibile a tuttiVisualizza/Apri |
http://hdl.handle.net/11583/2560943