Document Type

Technical Report

Publication Date


Technical Report Number



Too often, ``security of Web transactions'' reduces to ``encryption of the channel''---and neglects to address what happens at the server on the other end. This oversight forces clients to trust the good intentions and competence of the server operator---but gives clients no basis for that trust. Furthermore, despite academic and industrial research in secure coprocessing, many in the computer science community still regard ``secure hardware'' as a synonym for ``cryptographic accelerator.' This oversight neglects the real potential of COTS secure coprocessing technology to establish trusted islands of computation in hostile environments---such as at web servers with risk of insider attack. In this paper, we apply secure coprocessing and cryptography to solve this real problem in Web technology. We present a vision: using secure coprocessors to establish trusted co-servers at Web servers and moving sensitive computations inside these co-servers. We present a prototype implementation of this vision that scales to realistic workloads. Finally, we validate this approach by building a simple E-voting application on top of our prototype. From our experience, we conclude that this approach provides a practical and effective way to enhance the security of Web servers against insider attack.