Challenges in Network Management of Encrypted Traffic

Godred Fairhurst; Mirja Kuehlewind; Brian Trammell; Tobias Buehler; Vijay Gurbani

Challenges in Network Management of Encrypted Traffic

Godred Fairhurst, Mirja Kuehlewind, Brian Trammell, Tobias Buehler, Vijay Gurbani

Engineering

Research output: Working paper

Abstract

This paper summarizes the challenges identified at the MAMI Management and Measurement Summit (M3S) for network management with the increased deployment of encrypted traffic based on a set of use cases and deployed techniques (for network monitoring, performance enhancing proxies, firewalling as well as network-supported DDoS protection and migration), and provides recommendations for future use cases and the development of new protocols and mechanisms. In summary, network architecture and protocol design efforts should 1) provide for independent measurability when observations may be contested, 2) support different security associations at different layers, and 3) replace transparent middleboxes with middlebox transparency in order to increase visibility, rebalance control and enable cooperation.

Original language	English
Publisher	ArXiv
Pages	1-19
Number of pages	19
Publication status	Published - 22 Oct 2022

Bibliographical note

White paper by the EU-H2020 MAMI project (grant agreement No 688421)

This work is partially supported by the European Commission under Horizon 2020 grant agreement no. 688421 Measurement and Architecture for a Middleboxed Internet (MAMI), and by the Swiss State Secretariat for Education, Research, and Innovation under contract no. 15.0268. This support does not imply endorsement.

Keywords

encryption systems

Access to Document

https://arxiv.org/abs/1810.09272Licence: Other

Cite this

@techreport{99cdaa015b40495db44d03393e479728,

title = "Challenges in Network Management of Encrypted Traffic",

abstract = "This paper summarizes the challenges identified at the MAMI Management and Measurement Summit (M3S) for network management with the increased deployment of encrypted traffic based on a set of use cases and deployed techniques (for network monitoring, performance enhancing proxies, firewalling as well as network-supported DDoS protection and migration), and provides recommendations for future use cases and the development of new protocols and mechanisms. In summary, network architecture and protocol design efforts should 1) provide for independent measurability when observations may be contested, 2) support different security associations at different layers, and 3) replace transparent middleboxes with middlebox transparency in order to increase visibility, rebalance control and enable cooperation.",

keywords = "encryption systems",

author = "Godred Fairhurst and Mirja Kuehlewind and Brian Trammell and Tobias Buehler and Vijay Gurbani",

note = "White paper by the EU-H2020 MAMI project (grant agreement No 688421) This work is partially supported by the European Commission under Horizon 2020 grant agreement no. 688421 Measurement and Architecture for a Middleboxed Internet (MAMI), and by the Swiss State Secretariat for Education, Research, and Innovation under contract no. 15.0268. This support does not imply endorsement.",

year = "2022",

month = oct,

day = "22",

language = "English",

pages = "1--19",

publisher = "ArXiv",

type = "WorkingPaper",

institution = "ArXiv",

}

TY - UNPB

T1 - Challenges in Network Management of Encrypted Traffic

AU - Fairhurst, Godred

AU - Kuehlewind, Mirja

AU - Trammell, Brian

AU - Buehler, Tobias

AU - Gurbani, Vijay

N1 - White paper by the EU-H2020 MAMI project (grant agreement No 688421) This work is partially supported by the European Commission under Horizon 2020 grant agreement no. 688421 Measurement and Architecture for a Middleboxed Internet (MAMI), and by the Swiss State Secretariat for Education, Research, and Innovation under contract no. 15.0268. This support does not imply endorsement.

PY - 2022/10/22

Y1 - 2022/10/22

N2 - This paper summarizes the challenges identified at the MAMI Management and Measurement Summit (M3S) for network management with the increased deployment of encrypted traffic based on a set of use cases and deployed techniques (for network monitoring, performance enhancing proxies, firewalling as well as network-supported DDoS protection and migration), and provides recommendations for future use cases and the development of new protocols and mechanisms. In summary, network architecture and protocol design efforts should 1) provide for independent measurability when observations may be contested, 2) support different security associations at different layers, and 3) replace transparent middleboxes with middlebox transparency in order to increase visibility, rebalance control and enable cooperation.

AB - This paper summarizes the challenges identified at the MAMI Management and Measurement Summit (M3S) for network management with the increased deployment of encrypted traffic based on a set of use cases and deployed techniques (for network monitoring, performance enhancing proxies, firewalling as well as network-supported DDoS protection and migration), and provides recommendations for future use cases and the development of new protocols and mechanisms. In summary, network architecture and protocol design efforts should 1) provide for independent measurability when observations may be contested, 2) support different security associations at different layers, and 3) replace transparent middleboxes with middlebox transparency in order to increase visibility, rebalance control and enable cooperation.

KW - encryption systems

M3 - Working paper

SP - 1

EP - 19

BT - Challenges in Network Management of Encrypted Traffic

PB - ArXiv

ER -

Challenges in Network Management of Encrypted Traffic

Abstract

Bibliographical note

Keywords

Access to Document

Fingerprint

Cite this