Article

Scalable Web Content Attestation

Authors:

Trent JaegerAuthors Info & Claims

ACSAC '09: Proceedings of the 2009 Annual Computer Security Applications Conference

Pages 95 - 104

https://doi.org/10.1109/ACSAC.2009.19

Published: 07 December 2009 Publication History

Publisher Site

Abstract

The web is a primary means of information sharing for most organizations and people. Currently, a recipient of web content knows nothing about the environment in which that information was generated other than the specific server from whence it came (and even that information can be unreliable). In this paper, we develop and evaluate the Spork system that uses the Trusted Platform Module (TPM) to tie the web server integrity state to the web content delivered to browsers, thus allowing a client to verify that the origin of the content was functioning properly when the received content was generated and/or delivered. We discuss the design and implementation of the Spork service and its browser-side Firefox validation extension. In particular, we explore the challenges and solutions of scaling the delivery of mixed static and dynamic content using exceptionally slow TPM hardware. We perform an in-depth empirical analysis of the Spork system within Apache web servers. This analysis shows Spork can deliver nearly 8,000 static or over 7,000 dynamic integrity-measured web objects per-second. More broadly, we identify how TPM-based content web services can scale with manageable overheads and deliver integrity-measured content with manageable overhead.

Cited By

View all

Tian DChoi JHernandez GTraynor PButler KAhn GThuraisingham BKantarcioglu MKrishnan R(2019)A Practical Intel SGX Setting for Linux Containers in the CloudProceedings of the Ninth ACM Conference on Data and Application Security and Privacy10.1145/3292006.3300030(255-266)Online publication date: 13-Mar-2019
Parno B(2014)BibliographyTrust Extension as a Mechanism for Secure Code Execution on Commodity Computers10.1145/2611399.2611408Online publication date: 5-Jun-2014
Parno B(2014)Trust Extension as a Mechanism for Secure Code Execution on Commodity ComputersundefinedOnline publication date: 5-Jun-2014
Show More Cited By

Recommendations

Scalable Web Content Attestation

The web is a primary means of information sharing for most organizations and people. Currently, a recipient of web content knows nothing about the environment in which that information was generated other than the specific server from whence it came (...
A survey on web use: how people access, consume, keep, and organize web content
CHI EA '12: CHI '12 Extended Abstracts on Human Factors in Computing Systems

We present the results from a preliminary survey concerning the relationship between web content type (contacted by passive delivery or active discovery) and behavior (access, consume, keep, and organize). From the results of the survey, we highlight ...
Complementing your TV-viewing by web content automatically-transformed into TV-program-type content
MULTIMEDIA '05: Proceedings of the 13th annual ACM international conference on Multimedia

Despite much talk about the fusion of broadcasting and the Internet, no technology has been established for fusing web and TV program content. In this paper, we propose ways to transform web content into TV-program-type content as a first step towards ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

ACSAC '09: Proceedings of the 2009 Annual Computer Security Applications Conference

December 2009

492 pages

ISBN:9780769539195

Publisher

IEEE Computer Society

United States

Publication History

Published: 07 December 2009

Author Tags

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

9
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 15 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Tian DChoi JHernandez GTraynor PButler KAhn GThuraisingham BKantarcioglu MKrishnan R(2019)A Practical Intel SGX Setting for Linux Containers in the CloudProceedings of the Ninth ACM Conference on Data and Application Security and Privacy10.1145/3292006.3300030(255-266)Online publication date: 13-Mar-2019
Parno B(2014)BibliographyTrust Extension as a Mechanism for Secure Code Execution on Commodity Computers10.1145/2611399.2611408Online publication date: 5-Jun-2014
Parno B(2014)Trust Extension as a Mechanism for Secure Code Execution on Commodity ComputersundefinedOnline publication date: 5-Jun-2014
Tate SVishwanathan REverhart LBertino ESandhu RBauer LPark J(2013)Multi-user dynamic proofs of data possession using trusted hardwareProceedings of the third ACM conference on Data and application security and privacy10.1145/2435349.2435400(353-364)Online publication date: 18-Feb-2013
Schiffman JVijayakumar HJaeger T(2012)Verifying system integrity by proxyProceedings of the 5th international conference on Trust and Trustworthy Computing10.1007/978-3-642-30921-2_11(179-200)Online publication date: 13-Jun-2012
Moyer TJaeger TMcDaniel P(2012)Scalable integrity-guaranteed AJAXProceedings of the 14th Asia-Pacific international conference on Web Technologies and Applications10.1007/978-3-642-29253-8_1(1-19)Online publication date: 11-Apr-2012
Butler KMcLaughlin SMcDaniel PGates CFranz MMcDermott J(2010)KellsProceedings of the 26th Annual Computer Security Applications Conference10.1145/1920261.1920296(231-240)Online publication date: 6-Dec-2010
Schiffman JMoyer TVijayakumar HJaeger TMcDaniel PPerrig ASion R(2010)Seeding clouds with trust anchorsProceedings of the 2010 ACM workshop on Cloud computing security workshop10.1145/1866835.1866843(43-46)Online publication date: 8-Oct-2010
Balasubramaniyan VPoonawalla AAhamad MHunter MTraynor PAl-Shaer EKeromytis AShmatikov V(2010)PinDr0pProceedings of the 17th ACM conference on Computer and communications security10.1145/1866307.1866320(109-120)Online publication date: 4-Oct-2010

Abstract

Cited By

Recommendations