NSDI '06 — Abstract
Pp. 169–182 of the Proceedings
Na Kika: Secure Service Execution and Composition in an Open Edge-Side Computing Network
Robert Grimm, Guy Lichtman, Nikolaos Michalakis,
Amos Elliston, Adam Kravetz, Jonathan Miller, and Sajid Raza,
New York University
Abstract
Making the internet's edge easily extensible fosters
collaboration and innovation on web-based applications, but also
raises the problem of how to secure the execution platform. This
paper presents Na Kika, an edge-side computing network, that addresses
this tension between extensibility and security; it safely opens the
internet's edge to all content producers and consumers. First,
Na Kika expresses services as scripts, which are selected through
predicates on HTTP messages and composed with each other into a
pipeline of content processing steps. Second, Na Kika isolates
individual scripts from each other and, instead of enforcing
inflexible a-priori quotas, limits resource consumption based on
overall system congestion. Third, Na Kika expresses security policies
through the same predicates as regular application functionality, with
the result that policies are as easily extensible as hosted code and
that enforcement is an integral aspect of content processing.
Additionally, Na Kika leverages a structured overlay network to
support cooperative caching and incremental deployment with low
administrative overhead.
- View the full text of this paper in HTML and PDF. Listen to the presentation in MP3 format.
Until May 2007, you will need your USENIX membership identification in order to access the full papers. The Proceedings are published as a collective work, © 2006 by the USENIX Association. All Rights Reserved. Rights to individual papers remain with the author or the author's employer. Permission is granted for the noncommercial reproduction of the complete work for educational or research purposes. USENIX acknowledges all trademarks within this paper.
- If you need the latest Adobe Acrobat Reader, you can download it from Adobe's site.
|
