I-HTTPA, iprotocol yeenkonzo zewebhu kwiindawo ezithembekileyo

Darkcrizt

Imizuzu ye4

I-HTTPS ngoku yeyona ndlela yomthetho yosetyenziso lwewebhu Inika unxibelelwano olukhawulezayo nolukhuselekileyo kunye nenqanaba elithile lobumfihlo kunye nokunyaniseka. Nangona kunjalo, i-HTTPS ayikwazi ukunika iziqinisekiso zokhuseleko kwidatha yesicelo ekubaleni, ngoko Imo ye-IT iveza imingcipheko kunye nobuthathaka.

Ngenxa yoku, abasebenzi ababini be-Intel bakholelwa ukuba iinkonzo zewebhu zinokwenziwa zikhuseleke ngakumbi kungekuphela nje ngokwenza izibalo kwiindawo ezithembekileyo ezikude, okanye i-TEE, kodwa nangokuqinisekisa kubathengi ukuba yenziwe.

Gordon ukumkani, injineli yesoftware kunye Hans Wang, Umphandi we-Intel Labs, bacebisa umthetho olandelwayo ukwenza oku kwenzeke. Kwinqaku elinomxholo othi: “I-HTTPA: Iprotokholi engqinelweyo yeHTTPS ", esandul' ukupapashwa kwi-ArXiv, ichaza iprotocol ye-HTTP ebizwa ngokuba yi-HTTPS Attestable (HTTPA) ukuphucula ukhuseleko lwe-intanethi ngokusebenzisa isatifikethi esikude.

Indlela yezicelo zokufumana isiqinisekiso sokuba idatha iya kucutshungulwa yisoftware ethembekileyo kwiindawo ezikhuselekileyo zokwenziwa. I-hardware-based Trusted Execution Environment (TEE) ingasetyenziswa, njenge-Intel Software Guard Extension (Intel SGX).

Ukususela Intel Software Guard Extension (I-Intel SGX) ibonelela nge-encryption kwimemori ukunceda ukukhusela iikhompyutha ezisebenzayo ukunciphisa umngcipheko wokuvuza okanye ukuguqulwa ngokungekho mthethweni kolwazi lwabucala. Ingcamango engundoqo ye-SGX ivumela ukubalwa ukuba kwenzeke ngaphakathi kwendawo ebiyelweyo, indawo ekhuselweyo efihla iikhowudi kunye nedatha enxulumene nokubalwa kokhuseleko.

Ngaphezu koko, i-SGX inikeza iziqinisekiso zokhuseleko ngokusebenzisa isiqinisekiso esikude kumxhasi wewebhu, kuquka isazisi somboneleli kunye nesazisi sokuqinisekisa.

"Apha sinika i-HTTPS Attestable HTTP Protocol (HTTPA), ebandakanya inkqubo yobungqina ekude kwiprotocol yeHTTPS ukujongana nobumfihlo kunye nokhuseleko," utshilo u-Intel.

"Nge-HTTPA, sinokunika iziqinisekiso zokhuseleko ukuseka ukuthembeka kweenkonzo zewebhu kunye nokuqinisekisa ukunyaniseka kokucwangciswa kwezicelo zabasebenzisi bewebhu," bathi uKumkani noWang. Sikholelwa ukuba ubungqina obukude buya kuba yinto entsha. imingcipheko yokhuseleko lweenkonzo zewebhu, kwaye sinikezela ngomthetho weHTTPA ukudibanisa ubungqina bewebhu kunye nokufikelela kwiinkonzo ngendlela esemgangathweni nesebenzayo. «

I-Intel isebenzisa ubungqina obukude njengojongano olusisiseko kubasebenzisi okanye iinkonzo zewebhu ukuseka ukuthembana njengejelo elithembekileyo elithembekileyo lokuhambisa iimfihlo okanye ulwazi oluyimfihlo. Ukufezekisa le njongo, songeza iseti entsha yeendlela ze-HTTP, kubandakanya isicelo / impendulo ye-HTTP, isicelo sobungqina / impendulo, isicelo / impendulo yeseshoni ethembekileyo ye-HTTP, ukufezekisa ubungqina obukude obuvumela abasebenzisi kunye neenkonzo zewebhu ukuseka unxibelelwano ngokuthe ngqo. kwikhowudi esebenzayo.

I-HTTPA yenzelwe ukubonelela ngesatifikethi esikude kunye neziqinisekiso eziyimfihlo zekhompyuter phakathi komxhasi kunye nomncedisi xa usebenzisa iwebhu kwi-Intanethi. Kwimeko ye-HTTPA, sicinga ukuba umxhasi uthembekile kwaye umncedisi akanjalo. Umsebenzisi wabathengi unokujonga ezi ziqinisekiso ukugqiba ukuba ngaba banokuthembela kwaye baqhube imithwalo yemisebenzi yekhompyutha kumncedisi okanye cha. Nangona kunjalo, i-HTTPA ayinikezeli nasiphi na isiqinisekiso sokuba umncedisi uthembekile. I-HTTPA inamacandelo amabini: unxibelelwano kunye nekhompyutha.

Ngokumalunga nokhuseleko lonxibelelwano, I-HTTPA ithatha zonke iingcamango ze-HTTPS zokhuseleko lonxibelelwano, kubandakanywa nokusetyenziswa kwe-TLS kunye nonxibelelwano olukhuselekileyo, ngokukodwa ukusetyenziswa kwe-TLS kunye nokuqinisekiswa kwesazisi somntu. Ngokubhekiselele kukhuseleko lokubala, iprotocol ye-HTTPA idinga ukubonelela ngemeko yokuqinisekisa eyongezelelweyo yobungqina obukude bomsebenzi we-IT wenzeke ngaphakathi kwe-enclave ekhuselekileyo, ukwenzela ukuba umsebenzisi womthengi akwazi ukuqhuba imithwalo yomsebenzi kwimemori efihliweyo.

UKumkani noWang bathi:

“Sikholelwa ukuba i-HTTPA inokuba luncedo kumashishini athile, umzekelo iFinTech kunye nokhathalelo lwempilo. Xa bebuzwa ukuba ngaba iprotocol inokuphazamisana neenkonzo ezine-bandwidth engqongqo okanye iimfuno ze-latency, zaphendula: "Uphononongo olongezelelweyo luya kufuneka ukuqinisekisa nayiphi na impembelelo yokusebenza; nangona kunjalo, asilindelanga naluphi na utshintsho olubalulekileyo lokusebenza kwezinye iiprothokholi zeHTTPS. Ngokumalunga nokuba okanye xa i-HTTPA inokwamkelwa, akucaci. Xa bebuzwa ukuba kukho izicwangciso zokungenisa iinkcukacha njenge-RFC okanye ukwenza enye indlela yokubeka emgangathweni, baphendule: “Sinengxoxo eqhubekayo efuna ukujongwa liqela lezomthetho le-Intel ngaphambi kokuba samkele i-HTTPA. «

Okokugqibela, ukuba unomdla wokwazi okungakumbi ngayo, unokujonga iinkcukacha Kule khonkco ilandelayo.


Shiya uluvo lwakho

Idilesi yakho ye email aziyi kupapashwa. ezidingekayo ziphawulwe *

*

*

  1. Uxanduva lwedatha: UMiguel Ángel Gatón
  2. Injongo yedatha: Ulawulo lwe-SPAM, ulawulo lwezimvo.
  3. Umthetho: Imvume yakho
  4. Unxibelelwano lwedatha: Idatha ayizukuhanjiswa kubantu besithathu ngaphandle koxanduva lomthetho.
  5. Ukugcinwa kweenkcukacha
  6. Amalungelo: Ngalo naliphi na ixesha unganciphisa, uphinde uphinde ucime ulwazi lwakho.