BIB-VERSION:: CS-TR-v2.0
ID:: ncstrl.dartmouthcs//TR2001-410
ENTRY:: February 12, 2002
ORGANIZATION:: Dartmouth College, Computer Science
TITLE:: Securing Web Servers against Insider Attack
TYPE:: Technical Report (paper)
REVISION:: 1
AUTHOR:: Jiang, Shan
AUTHOR:: Smith, Sean
AUTHOR:: Minami, Kazuhiro
DATE:: July 2001
RETRIEVAL:: For a paper copy, email
RETRIEVAL:: For a paper copy, write to
   Technical Report Librarian
   Department of Computer Science
   Dartmouth College
   6211 Sudikoff Laboratory
   Hanover, NH 03755-3510 USA
RETRIEVAL:: Compressed Postscript at http://www.cs.dartmouth.edu/reports/TR2001-410.ps.Z
RETRIEVAL:: PDF at http://www.cs.dartmouth.edu/reports/TR2001-410.pdf
ABSTRACT:: Too often, ``security of Web transactions'' reduces to ``encryption of the channel''---and neglects to address what happens at the server on the other end. This oversight forces clients to trust the good intentions and competence of the server operator---but gives clients no basis for that trust. Furthermore, despite academic and industrial research in secure coprocessing, many in the computer science community still regard ``secure hardware'' as a synonym for ``cryptographic accelerator.'' This oversight neglects the real potential of COTS secure coprocessing technology to establish trusted islands of computation in hostile environments---such as at web servers with risk of insider attack. In this paper, we apply secure coprocessing and cryptography to solve this real problem in Web technology. We present a vision: using secure coprocessors to establish trusted co-servers at Web servers and moving sensitive computations inside these co-servers. We present a prototype implementation of this vision that scales to realistic workloads. Finally, we validate this approach by building a simple E-voting application on top of our prototype. From our experience, we conclude that this approach provides a practical and effective way to enhance the security of Web servers against insider attack.
END:: ncstrl.dartmouthcs//TR2001-410