Presentation is loading. Please wait.

Presentation is loading. Please wait.

9/26/2001Godavari Thesis Proposal SSL Proxy1 The Design and Implementation of a SSL Proxy for Content Switch Thesis Proposal by Ganesh Kumar Godavari Department.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "9/26/2001Godavari Thesis Proposal SSL Proxy1 The Design and Implementation of a SSL Proxy for Content Switch Thesis Proposal by Ganesh Kumar Godavari Department."— Presentation transcript:

1 9/26/2001Godavari Thesis Proposal SSL Proxy1 The Design and Implementation of a SSL Proxy for Content Switch Thesis Proposal by Ganesh Kumar Godavari Department of Computer Science Univ. of Colorado at Colorado Springs

2 9/26/2001Godavari Thesis Proposal SSL Proxy2 What is a SSL Proxy?

3 9/26/2001Godavari Thesis Proposal SSL Proxy3 Where is SSL in OSI Network Layer Model? TCP

4 9/26/2001Godavari Thesis Proposal SSL Proxy4 IXP12EB Setup in Lab The board includes Intel IXP1200 network processor With VxWork Realtime Embedded OS and WindRiver IDE SSL proxy will be developed on this network processor.

5 9/26/2001Godavari Thesis Proposal SSL Proxy5 Goal of my Thesis Goal: Design efficient SSL Proxy that can –Handle Multiple SSL Requests –Handle session reusability –Handle Keep-Alive sessions and understand the porting issues to VxWork on IXP12EB. HTTPS is very slow compared to HTTP, so designing and implementing an efficient proxy will be challenging. SSL proxy will be making routing decisions based on a set of user-defined rules, and the IP address, TCP port number, URL, HTTP headers, and the values of XML tags of the requests. Deliverables –Design documentation for the SSL Proxy. –Source code for implementing the SSL Proxy on Linux and IXP 12EB –Working prototypes and their performance analysis.

6 9/26/2001Godavari Thesis Proposal SSL Proxy6 Thesis Plan Work done Till-Date –Designed a concurrent SSL Proxy using OpenSSL and dynamic forking in Linux for handling multiple SSL requests –Studied and analyzed how session reusability can be achieved Next 2 week –Study and analyze how keep-alive sessions can be maintained –Study and analyze how to achieve preforking. –Compare the performance of preforking and dynamic forking versions Next 2 weeks –Port OpenSSL to VxWorks –Compare networking support between Linux and VxWorks Next 3 weeks –Port SSL Proxy to IXP network Processor –Compare performance of SSL Proxy on Linux and IXP-12EB

7 9/26/2001Godavari Thesis Proposal SSL Proxy7 Questions/Comments ??

8 9/26/2001Godavari Thesis Proposal SSL Proxy8 References [1] OpenSSL: The Open Source toolkit for SSL/TLS (http://www.openssl.org) [2] SSL and TLS, by Eric Rescorla [3] SSL and TLS Essentials, by Stephen Thomas [4] mod_ssl: The Apache Interface to OpenSSL (http://www.modssl.org) [5] HTTP Over TLS ftp://ftp.ietf.org/internet-drafts/draft-ietf-tls-https-02.txt The specification on how to run HTTP over SSL/TLS [6] Tunneling TCP based protocols through Web proxy servers http://www.www.alternic.org/drafts/drafts-l-m/draft-luotonen-web-proxy-tunneling-01.txt The specification for the HTTP CONNECT method [7] Analysis of SSL 3.0 Protocol http://www.counterpane.com/ssl.html D. Wagner and B. Schneier's USENIX analysis of SSLv3 [8] HyperText Transfer Protocol (HTTP), Version 1.1 (Internet Draft) http://www.w3.org/Protocols/HTTP/1.1/draft-ietf-http-v11-spec-rev-06.txt The application layer protocol Apache+mod_ssl uses over SSL/TLS [9] HyperText Transfer Protocol (HTTP), Version 1.0 (RFC 1945) http://www.ietf.org/rfc/rfc1945.txt The application layer protocol Apache + mod_ssl uses over SSL/TLS

9 9/26/2001Godavari Thesis Proposal SSL Proxy9 References [10] Intel® IXA (Internet Exchange Architecture), http://developer.intel.com/design/ixa/index.htm [11] WindRiver Tornado Development Tools, http://www.windriver.com/products/html/tornado2.html [12] Tornado User’s Guide (Windows Version) 2.0 [13] WindRiver VxWorks, http://www.windriver.com/products/html/vxwks54.html Intel®, IXP-1200, IXP-12EB is the registered Trademarks of Intel Corporation Tornado, VxWorks is the registered Trademarks of Wind River Systems, Inc Linux, Apache, Openssl protected under the GNU General Public License

Download ppt "9/26/2001Godavari Thesis Proposal SSL Proxy1 The Design and Implementation of a SSL Proxy for Content Switch Thesis Proposal by Ganesh Kumar Godavari Department."

Similar presentations

Welcome to Middleware Joseph Amrithraj

Welcome to Middleware Joseph Amrithraj
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)

Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.

Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Network Services Networking for Home and Small Businesses – Chapter 6.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Network Services Networking for Home and Small Businesses – Chapter 6.
Design of Web Interface for Advanced Content Switch Thesis proposal by Jayant Patil Department of Computer Science Univ. of Colorado at Colorado Springs.

Design of Web Interface for Advanced Content Switch Thesis proposal by Jayant Patil Department of Computer Science Univ. of Colorado at Colorado Springs.
The Application Layer Chapter 7. Electronic Mail Architecture and Services The User Agent Message Formats Message Transfer Final Delivery.

The Application Layer Chapter 7. Electronic Mail Architecture and Services The User Agent Message Formats Message Transfer Final Delivery.
Cornell CS502 Web Basics and Protocols CS 502 – 20020129 Carl Lagoze Acks to McCracken Syracuse Univ.

Cornell CS502 Web Basics and Protocols CS 502 – Carl Lagoze Acks to McCracken Syracuse Univ.
Computer Network Architecture and Programming

Computer Network Architecture and Programming
Network Analyzer Example

Network Analyzer Example
NPCSlli 1 DESIGN AND IMPLEMENTATION OF CONTENT SWITCH ON IXP1200EB Presenter: Longhua Li Committee Members: Dr. C. Edward Chow Dr. Jugal K. Kalita Dr.

NPCSlli 1 DESIGN AND IMPLEMENTATION OF CONTENT SWITCH ON IXP1200EB Presenter: Longhua Li Committee Members: Dr. C. Edward Chow Dr. Jugal K. Kalita Dr.
The Design and Implementation of a SSL Proxy For Content Switch Thesis Proposal by Ganesh Kumar Godavari Department of Computer Science Univ. of Colorado.

The Design and Implementation of a SSL Proxy For Content Switch Thesis Proposal by Ganesh Kumar Godavari Department of Computer Science Univ. of Colorado.
Chapter 22 Web Hosting and Internet Servers Xuanxuan Su.

Chapter 22 Web Hosting and Internet Servers Xuanxuan Su.
Chapter Eleven An Introduction to TCP/IP. Objectives To compare TCP/IP’s layered structure to OSI To review the structure of an IP address To look at.

Chapter Eleven An Introduction to TCP/IP. Objectives To compare TCP/IP’s layered structure to OSI To review the structure of an IP address To look at.
IT 210 The Internet & World Wide Web introduction.

IT 210 The Internet & World Wide Web introduction.
Web Servers Web server software is a product that works with the operating system The server computer can run more than one software product such as e-mail.

Web Servers Web server software is a product that works with the operating system The server computer can run more than one software product such as .
Human-Computer Interface Course 5. ISPs and Internet connection.

Human-Computer Interface Course 5. ISPs and Internet connection.
1 HTML and CGI Scripting CSC8304 – Computing Environments for Bioinformatics - Lecture 10.

1 HTML and CGI Scripting CSC8304 – Computing Environments for Bioinformatics - Lecture 10.
Internet-Based Client Access

Internet-Based Client Access
70-291: MCSE Guide to Managing a Microsoft Windows Server 2003 Network Chapter 3: TCP/IP Architecture.

70-291: MCSE Guide to Managing a Microsoft Windows Server 2003 Network Chapter 3: TCP/IP Architecture.
CP476 Internet Computing Lecture 5 : HTTP, WWW and URL 1 Lecture 5. WWW, HTTP and URL Objective: to review the concepts of WWW to understand how HTTP works.

CP476 Internet Computing Lecture 5 : HTTP, WWW and URL 1 Lecture 5. WWW, HTTP and URL Objective: to review the concepts of WWW to understand how HTTP works.

Similar presentations

Ads by Google