HTTPA/2: a Trusted End-to-End Protocol for Web Services

Abstract: We received positive feedback and inquiries on the previous version of HTTPA [11] (HTTPA/1). As a result, we present a major revision of the HTTPA protocol (HTTPA/2) to protect sensitive data in HTTPA transactions from cyber attacks. Comparatively, the previous work [11] is mainly focused on how to include remote attestation (RA) and secret provisioning to the HTTP protocol with Transport Layer Security (TLS) protection across the Internet, which is great, but it comes at a price. In contrast, HTTPA/2 is not n… Show more