I-HTTPA, iphrothokholi yamasevisi ewebhu ezindaweni ezithenjwayo

Darkcrizt

Imizuzu ye-4

I-HTTPS okwamanje iyiphrothokholi eyinhloko yezinhlelo zokusebenza zewebhu Inikeza ukuxhumana okusheshayo nokuvikelekile ngezinga elithile lobumfihlo nobuqotho. Nokho, i-HTTPS ayikwazi ukunikeza iziqinisekiso zokuphepha kudatha yohlelo lokusebenza ekubalweni, ngakho imvelo ye-IT iveza ubungozi kanye nokuba sengozini.

Ngokunikezwa kwalokhu, izisebenzi ezimbili ze-Intel zikholelwa ukuthi izinsizakalo zewebhu zingenziwa zivikeleke kakhulu hhayi nje ngokwenza izibalo ezindaweni ezithenjwayo zokwenza okukude, noma i-TEE, kodwa futhi ngokuqinisekisa amaklayenti ukuthi sekwenziwe.

UGordon King, unjiniyela wesoftware kanye Hans Wang, Umcwaningi we-Intel Labs, bahlongoze inqubo yokwenza lokhu kwenzeke. Esihlokweni esithi: “I-HTTPA: I-HTTPS Attestable Protocol ”, esanda kushicilelwa ku-ArXiv, ichaza umthetho olandelwayo we-HTTP obizwa nge-HTTPS Attestable (HTTPA) ukuthuthukisa ukuphepha kwe-inthanethi ngesitifiketi esikude.

Indlela yokuthi izinhlelo zokusebenza zithole isiqinisekiso sokuthi idatha izocutshungulwa isofthiwe ethembekile ezindaweni eziphephile zokusebenzisa. I-Hardware-based Trusted Execution Environment (TEE) ingasetshenziswa, njenge-Intel Software Guard Extension (Intel SGX).

Kusukela i-Intel Software Guard Extension (I-Intel SGX) inikeza ukubethela kwenkumbulo ukusiza ukuvikela amakhompyutha asebenzayo ukunciphisa ingozi yokuvuza noma ukuguqulwa okungekho emthethweni kolwazi oluyimfihlo. Umqondo oyinhloko we-SGX uvumela ukubala ukuthi kwenzeke ngaphakathi kwendawo ebiyelwe, indawo evikelekile ebethela amakhodi nedatha ehlobene nesibalo esibucayi ngokuvikeleka.

Ngaphezu kwalokho, i-SGX inikeza iziqinisekiso zokuphepha ngesitifiketi esikude kuklayenti lewebhu, okuhlanganisa ubunikazi bomhlinzeki kanye nomazisi wokuqinisekisa.

"Lapha sinikeza i-HTTPS Attestable HTTP Protocol (HTTPA), ehlanganisa inqubo yobufakazi ekude kuphrothokholi ye-HTTPS ukuze kubhekwane nobumfihlo nokuphepha," kusho u-Intel.

"Nge-HTTPA, singanikeza iziqinisekiso zokuphepha ukuze siqinisekise ukwethembeka kwezinsizakalo zewebhu futhi siqinisekise ubuqotho bokucutshungulwa kwezicelo zabasebenzisi bewebhu," kusho u-King no-Wang. Sikholelwa ukuthi ukufakaza okukude kuzoba yinjwayelo entsha. ubungozi bokuphepha kwezinsizakalo zewebhu, futhi sinikezela ngephrothokholi ye-HTTPA ukuze sihlanganise ubufakazi bewebhu kanye nokufinyelela kumasevisi ngendlela evamile nephumelelayo. «

I-Intel isebenzisa ubufakazi obukude njengesixhumi esibonakalayo esiyisisekelo sabasebenzisi noma izinsiza zewebhu ukuze kusungulwe ukwethenjwa njengesiteshi esivikelekile esithembekile sokuletha izimfihlo noma ulwazi oluyimfihlo. Ukuze sifinyelele lo mgomo, sengeza isethi entsha yezindlela ze-HTTP, okuhlanganisa isicelo/impendulo ye-HTTP preflight, isicelo/impendulo yobufakazi be-HTTP, isicelo/impendulo yeseshini ethembekile ye-HTTP, ukuze kuzuzwe ubufakazi obukude obuvumela abasebenzisi kanye nezinsizakalo zewebhu ukuthi zisungule ukuxhumana ngqo. kukhodi esebenzayo.

I-HTTPA yakhelwe ukuhlinzeka ngesitifiketi esikude kanye neziqinisekiso zekhompuyutha eziyimfihlo phakathi kweklayenti neseva lapho usebenzisa iwebhu nge-inthanethi. Esimeni se-HTTPA, sicabanga ukuthi iklayenti lithembekile kanti iseva ayithembekile. Umsebenzisi wekhasimende angabheka lezi ziqinisekiso ukuze anqume ukuthi angakwazi yini ukwethemba futhi asebenzise imithwalo yemisebenzi yekhompyutha kuseva noma cha. Nokho, i-HTTPA ayinikezi noma yisiphi isiqinisekiso sokuthi iseva ithembekile. I-HTTPA inezingxenye ezimbili: ukuxhumana kanye nekhompyutha.

Mayelana nokuphepha kokuxhumana, I-HTTPA ithatha konke okucatshangelwayo kwe-HTTPS yokuphepha kokuxhumana, okuhlanganisa ukusetshenziswa kwe-TLS nokuxhumana okuvikelekile, ikakhulukazi ukusetshenziswa kwe-TLS nokuqinisekiswa kobunikazi bomuntu. Mayelana nokuphepha kwekhompyutha, umthetho olandelwayo we-HTTPA udinga ukuhlinzeka ngesimo sokuqinisekisa esengeziwe sobufakazi obukude ukuze umthwalo we-IT wenzeke ngaphakathi kwendawo evikelekile, ukuze umsebenzisi wekhasimende akwazi ukugijima imithwalo yomsebenzi kumemori ebethelwe.

Inkosi noWang bathi:

“Sikholelwa ukuthi i-HTTPA ingase ibe yinzuzo ezimbonini ezithile, isibonelo iFinTech nokunakekelwa kwezempilo. Lapho bebuzwa ukuthi umthetho olandelwayo ungaphazamisa yini izinsizakalo ezinomkhawulokudonsa oqinile noma izidingo ze-latency, baphendule: “Kuzodingeka ukuhlola okwengeziwe ukuze kuqinisekiswe noma yimuphi umthelela wokusebenza; kodwa-ke, asilindele izinguquko eziphawulekayo zokusebenza kwezinye izivumelwano ze-HTTPS. Mayelana nokuthi i-HTTPA ingamukelwa noma nini, akucaci. Lapho bebuzwa ukuthi ngabe zikhona yini izinhlelo zokuhambisa imininingwane njenge-RFC noma ukwenza enye indlela yokumiswa, baphendule: “Sinezingxoxo eziqhubekayo ezidinga ukubuyekezwa yithimba lezomthetho le-Intel ngaphambi kokuthi sisebenzise i-HTTPA. «

Ekugcineni, uma unentshisekelo yokwazi kabanzi ngakho, ungaxhumana nemininingwane Kulesi sixhumanisi esilandelayo.


Shiya umbono wakho

Ikheli lakho le ngeke ishicilelwe. Ezidingekayo ibhalwe nge *

*

*

  1. Ubhekele imininingwane: Miguel Ángel Gatón
  2. Inhloso yedatha: Lawula Ugaxekile, ukuphathwa kwamazwana.
  3. Ukusemthethweni: Imvume yakho
  4. Ukuxhumana kwemininingwane: Imininingwane ngeke idluliselwe kubantu besithathu ngaphandle kwesibopho esisemthethweni.
  5. Isitoreji sedatha: Idatabase ebanjwe yi-Occentus Networks (EU)
  6. Amalungelo: Nganoma yisiphi isikhathi ungakhawulela, uthole futhi ususe imininingwane yakho.