Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Design and Implementation of a SSL Proxy For Content Switch Thesis Proposal by Ganesh Kumar Godavari Department of Computer Science Univ. of Colorado.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "The Design and Implementation of a SSL Proxy For Content Switch Thesis Proposal by Ganesh Kumar Godavari Department of Computer Science Univ. of Colorado."— Presentation transcript:

1 The Design and Implementation of a SSL Proxy For Content Switch Thesis Proposal by Ganesh Kumar Godavari Department of Computer Science Univ. of Colorado at Colorado Springs

2 What is a SSLProxy

3 Where Does SSL come in Layer MODEL

4 IXP1EB Setup in Lab

5 Goal of my Thesis Goal Design Efficient SSL Proxy that can –Handle Multiple SSL Requests –Handle session reusability –Handle Keep-Alive sessions Implementation –HTTPS is very slow compared to HTTP, so designing and implementing an efficient proxy will be challenging. The proxy will be making routing decisions based on IP address, TCP port number, URL, HTTP Meta header, and value of XML tags Deliverables –Design documentation for the SSL Proxy. –Source code for implementing the SSL Proxy on Linux and IXP 12EB –Testing documentation

6 Thesis Plan Work done Till-Date –Designing a concurrent SSL Proxy (dynamic forking) in Linux that can handle multiple SSL Requests –Study and analyze how session reusability can be achieved Next 2 week –Study and analyze how Keep-Alive sessions can be maintained –Study and analyze how to achieve preforking. –Compare the performance of preforking and dynamic forking versions Next 2 weeks –Port OpenSSL to VxWorks –Compare networking support between Linux and VxWorks Next 3 weeks –Port the SSL Proxy to IXP network Processor and compare performance with Linux based SSL Proxy –Compare the performance of SSL Proxy on Linux and IXP-12EB

7 Questions/Comments ??

8 References [1] OpenSSL: The Open Source toolkit for SSL/TLS (http://www.openssl.org)http://www.openssl.org [2] SSL and TLS, by Eric Rescorla [3] SSL and TLS Essentials, by Stephen Thomas [4] mod_ssl: The Apache Interface to OpenSSL (http://www.modssl.org)http://www.modssl.org [5] HTTP Over TLS ftp://ftp.ietf.org/internet-drafts/draft-ietf-tls-https-02.txt The specification on how to run HTTP over SSL/TLS [6] Tunneling TCP based protocols through Web proxy servers http://www.www.alternic.org/drafts/drafts-l-m/draft-luotonen-web-proxy-tunneling-01.txt The specification for the HTTP CONNECT method [7] Analysis of SSL 3.0 Protocol http://www.counterpane.com/ssl.html D. Wagner and B. Schneier's USENIX analysis of SSLv3 [8] HyperText Transfer Protocol (HTTP), Version 1.1 (Internet Draft) http://www.w3.org/Protocols/HTTP/1.1/draft-ietf-http-v11-spec-rev-06.txt The application layer protocol Apache+mod_ssl uses over SSL/TLS [9] HyperText Transfer Protocol (HTTP), Version 1.0 (RFC 1945) http://www.ietf.org/rfc/rfc1945.txt The application layer protocol Apache + mod_ssl uses over SSL/TLS

9 References contd. [10] Intel® IXA (Internet Exchange Architecture), http://developer.intel.com/design/ixa/index.htm [11] WindRiver Tornado Development Tools, http://www.windriver.com/products/html/tornado2.html [12] Tornado User’s Guide (Windows Version) 2.0 [13] WindRiver VxWorks, http://www.windriver.com/products/html/vxwks54.htmlhttp://www.windriver.com/products/html/vxwks54.html Intel®, IXP-1200, IXP-12EB is the registered Trademarks of Intel Corporation Tornado, VxWorks is the registered Trademarks of Wind River Systems, Inc Linux, Apache, Openssl protected under the GNU General Public License

Download ppt "The Design and Implementation of a SSL Proxy For Content Switch Thesis Proposal by Ganesh Kumar Godavari Department of Computer Science Univ. of Colorado."

Similar presentations

Welcome to Middleware Joseph Amrithraj

Welcome to Middleware Joseph Amrithraj
Hypertext Transfer PROTOCOL ----HTTP Sen Wang CSE5232 Network Programming.

Hypertext Transfer PROTOCOL ----HTTP Sen Wang CSE5232 Network Programming.
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)

Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.

Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Network Services Networking for Home and Small Businesses – Chapter 6.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Network Services Networking for Home and Small Businesses – Chapter 6.
9/26/2001Godavari Thesis Proposal SSL Proxy1 The Design and Implementation of a SSL Proxy for Content Switch Thesis Proposal by Ganesh Kumar Godavari Department.

9/26/2001Godavari Thesis Proposal SSL Proxy1 The Design and Implementation of a SSL Proxy for Content Switch Thesis Proposal by Ganesh Kumar Godavari Department.
A Security Pattern for a Virtual Private Network Ajoy Kumar and Eduardo B. Fernandez Dept. of Computer Science and Eng. Florida Atlantic University Boca.

A Security Pattern for a Virtual Private Network Ajoy Kumar and Eduardo B. Fernandez Dept. of Computer Science and Eng. Florida Atlantic University Boca.
Outline  Introduction to Application Layer  Peer-to-peer paradigm  Client-server paradigm  Domain Name System (DNS)  Flat-naming vs hierarchical-naming.

Outline  Introduction to Application Layer  Peer-to-peer paradigm  Client-server paradigm  Domain Name System (DNS)  Flat-naming vs hierarchical-naming.
Design of Web Interface for Advanced Content Switch Thesis proposal by Jayant Patil Department of Computer Science Univ. of Colorado at Colorado Springs.

Design of Web Interface for Advanced Content Switch Thesis proposal by Jayant Patil Department of Computer Science Univ. of Colorado at Colorado Springs.
The Application Layer Chapter 7. Electronic Mail Architecture and Services The User Agent Message Formats Message Transfer Final Delivery.

The Application Layer Chapter 7. Electronic Mail Architecture and Services The User Agent Message Formats Message Transfer Final Delivery.
ClientHello ServerHello Certificate Establish protocol version, session- id, cipher suite, compression method. Certificate Request ServerHelloDone Certificate.

ClientHello ServerHello Certificate Establish protocol version, session- id, cipher suite, compression method. Certificate Request ServerHelloDone Certificate.
Computer Network Architecture and Programming

Computer Network Architecture and Programming
Network Analyzer Example

Network Analyzer Example
NPCSlli 1 DESIGN AND IMPLEMENTATION OF CONTENT SWITCH ON IXP1200EB Presenter: Longhua Li Committee Members: Dr. C. Edward Chow Dr. Jugal K. Kalita Dr.

NPCSlli 1 DESIGN AND IMPLEMENTATION OF CONTENT SWITCH ON IXP1200EB Presenter: Longhua Li Committee Members: Dr. C. Edward Chow Dr. Jugal K. Kalita Dr.
1 of 3 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2007 Microsoft Corporation.

1 of 3 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2007 Microsoft Corporation.
Master Thesis Proposal By Nirmala Bulusu Advisor – Dr. Edward Chow Implementation of Protected Extensible Protocol (PEAP) – An IEEE 802.1x wireless LAN.

Master Thesis Proposal By Nirmala Bulusu Advisor – Dr. Edward Chow Implementation of Protected Extensible Protocol (PEAP) – An IEEE 802.1x wireless LAN.
Seguridad en Sistemas de Información Francisco Rodríguez Henríquez SSL/TLS: An Introduction.

Seguridad en Sistemas de Información Francisco Rodríguez Henríquez SSL/TLS: An Introduction.
Chapter 22 Web Hosting and Internet Servers Xuanxuan Su.

Chapter 22 Web Hosting and Internet Servers Xuanxuan Su.
1 Introduction to Web Development. Web Basics The Web consists of computers on the Internet connected to each other in a specific way Used in all levels.

1 Introduction to Web Development. Web Basics The Web consists of computers on the Internet connected to each other in a specific way Used in all levels.
IT 210 The Internet & World Wide Web introduction.

IT 210 The Internet & World Wide Web introduction.

Similar presentations

Ads by Google