CSC461-CN-Lecture-15-Feb.-13-2013

7/28/2019 CSC461-CN-Lecture-15-Feb.-13-2013

1/171

BITS PilaniPilani | Dubai | Goa | Hyderabad

Performance & Application-drivenApproaches

to Design of Computer NetworksLectures - 15-17, February 15-17, 2013

Rahul Banerjee, PhD (CSE)

Professor, Department of Computer Science & Information Systems

E-mail: [email protected]


2/171

BITS Pilani, Deemed to be University under Section 3 of UGC Act, 1956

Significance of the Application-Driven Approach toDesign Computer Networks Need for Specialized Protocols for Applications /

Classes of Applications / Services

Select Application-Layer Services & Protocols HTTP, DNS, DHCP, SMTP, POP, IMAP SOAP, REST

Network-based Multimedia Applications Overlay Networks, Protocols and Applications

Example cases of VoIP, SIP, Skype, WebEx, ATT-Connect, AdobeConnect, Jabber

Summary

Interaction Points


3/171


First, a quick recap of Protocols andProtocol Graphs and a little additional

information!

Starters, before we begin the main course!


4/171

OfProtocols&ProtocolGraphs A network protocol, in the simplest sense, is a set of pre-

defined behaviorally encoded request-response pairs that

along with a set of rules and conventions allow meaningfulcommunication within and between nodes of a network.

A graph showing interrelation of various collaboratingprotocols at different levels is called a Protocol Graph.

In a protocol graph, each protocol is represented as a node.HTTP

TCP UDP

IP

TFTP


5/171

ExampleofaSimpleProtocol

GraphasapplicabletotheInternet

HTTP FTP TFTP

TCP UDP

IP


6/171

ProtocolRepresenta@on

There exist numerous schemes ofrepresentation of a given Protocol.

One common way to specify a Protocol isto represent it as a State TransitionDiagram.


7/171

ProtocolValida@on

A Protocol needs to be proven correctbefore it is implemented.

There exist quite a few ways of formal andsemi-formal verification of Protocols.

One common technique is to firstrepresent a protocol a State TransitionDiagram and then examine it for its:

completeness,Reachability,points of weakness etc.


8/171

SystemModel

Anabstractcomputermodel:statemachine.

Anetworkoradistributedsystemmodelcomprisesofasetofnstatemachinescalledprocessorsthatcommunicatewitheachother,

whichcanberepresentedasagraph. Messagepassingcommunica@onmodel:queue(s)

Qij,formessagesfromPitoPj

Systemconfigura@onissetofstates,andmessagequeues.

Inanycaseitisassumedthatthetopologyremainsconnected,i.e.,thereexistsapath

betweenanytwonodes.


9/171

Defini@on

Statessa@sfyingParecalledlegi@matestatesandthosenotsa@sfyingParecalled

illegi@matestates.

AsystemSisself-stabilizingwithrespecttopredicatePifitsa@sfiestheproper@esof

closureandconvergence


10/171

Dijkstra'sself-stabilizingtokenringsystem

Whenamachinehasaprivilege,itisabletochangeitscurrentstate,whichisreferredtoasamove.

Alegi@matestatemustsa@sfythefollowingconstraints: Theremustbeatleastoneprivilegeinthesystem(liveness

ornodeadlock).

Everymovefromalegalstatemustagainputthesystemintoalegalstate(closure).

Duringaninfiniteexecu@on,eachmachineshouldenjoyaprivilegeaninfinitenumberof@mes(nostarva@on).

Givenanytwolegalstates,thereisaseriesofmovesthatchangeonelegalstatetotheother(reachability).

Dijkstraconsideredalegi1mate(orlegal)stateasoneinwhichexactlyone

machineenjoystheprivilege.


11/171

AutomatawithInputs/Outputs

Eachstateemitsanoutputsymbolthatisnotedonthestate Alterna@vely,eachtransi@onismarkedwiththeeventthat

triggersthetransi@onandbelowitliststheac@onsthatare

takenasaresultofthetransi@on.

1 2

3

a

c

bd

s1

s2

s3

1 2

3

a/s2

b/s2

c/s3

d/s1


12/171

ExampleofFSMModelforProtocol

Verifica@on(StopandWaitProtocol)

ThetransmiYersendsaframeandstopswai@ngforanacknowledgementfromthereceiver(ACK)

Oncethereceivercorrectlyreceivestheexpectedpacket,itsendsanacknowledgementtoletthetransmiYersendthenextframe.

WhenthetransmiYerdoesnotreceiveanACKwithinaspecifiedperiodof@me(@mer)thenitretransmitsthepacket.

Timer

Timer

TransmiYer Receiver

Frame0

Frame1

ACK0

ACK1

Frame0

ACK0


13/171


14/171

FSMforStopandWaitProtocol

ReceiverPkt0received

SendAck0

Pkt1received

SendAck1

Pkt0

Received

Pkt1

Received

WaitPkt1WaitPkt0

SendAck1SendAck0


15/171

Communica@onprotocols

Communica@onprotocolmightbeaffecteddueto:

Ini@aliza@ontoanillegalstate. [email protected]

processesgettherequestforthechangeatthesame@me,soanillegalglobalstatemayoccur.

Transmissionerrorsbecauseofmessagelossorcorrup@on.

Processfailureandrecovery. Alocalmemorycrashwhichchangesthelocal

stateofaprocess.


16/171

Exercise

Writeasimula@onprogramthatimitatesthebehaviorofthenetworkshownbelow.

Theinputstoyourprogramarethecapaci@esofeachbufferaswellastheclockstructure(threevectorswiththelife@mesofeachevent)

Theoutputfromyourprogramisthesamplepathofthenetworki.e.,thestatetrajectoryand/oratraceconsis@ngofasequenceofeventsanditscorresponding@me.

B1 B2

a d1 d2


17/171

(c)Dr.RahulBanerjee,BITS,Pilani,India 17

AFewMeasuresofNetworkPerformance

Performance MeasuresAvailable Performance Measured Performance

Bandwidth: Width of the usable / allotted Frequency band Rate of data transfer in bits per second Throughput: Actual measured rate of achievable data transfer in

bits per second

Bandwidth has often a value greater than that of the Throughput Round-Trip Time (RTT) Latency: Delays of various kinds Delay x Bandwidth metric Quality of Service


18/171

15/02/13 Dr. Rahul Banerjee, Department of Computer Science, BITS-Pilani, INDIA 18

PerformanceMa-ers

Withsignificantinputfrom:

ProfessorBobKinicki,ComputerScienceDepartment,WPI,USA


19/171

15/02/13 19

Interac@onPoints

Dr. Rahul Banerjee, Department of Computer Science, BITS-Pilani, INDIA

ComputerNetworkPerformanceMetrics PerformanceEvalua@onTechniques WorkloadCharacteriza@on Simula@onModels Analy@cModels

EmpiricalMeasurementStudies Whattomeasure? Choiceofmeasurementtools TheDesignofMeasurementExperiments


20/171

PerformanceEvalua@on Performance evaluation is the application ofthe

scientific method to the study of computersystems.

Viewed as distinct from computer system design,the goal of performance evaluation is to

determine the effectiveness and fairness of acomputer system that is assumed to workcorrectly.

Performance evaluation techniques have beendeveloped to accurately measure theeffectiveness with which computer systemresources are managed while striving to provideservice that is fair to all customer classes.

Performance Evaluation of ComputerNetworks

20


21/171

ComputerNetworkPerformanceMetrics

Metric :: a descriptor used to represent someaspect of a computer networks performance.

The goal is objective performance indices. For computer networks, metrics can capture

performance at multiple layers of the protocolstack, e.g., UDP throughput IP packet round trip time MAC layer channel utilization

Performance metrics can be positive and negative. e.g., goodput, packet loss rate, MAC layer retries

Performance Evaluation of Computer Networks21


22/171


22

12

1

11

8

4

7

2

6

9

10

14

5

13

15

3

Host

B

Host

C

Host

DHost

E

HostG

Host

J

HostA

Host

H

Host

F

Host

N

16

17

routers

HostL

Host

M

WideAreaNetwork(WAN)


23/171


23

WirelessLocalAreaNetwork(WLAN)

AP

Clients

Server


24/171

SamplePerformanceMeasuresCategory Metric Units

productivity throughput

effective capacity

Mbps

responsiveness delay

round trip time

queue size

milliseconds

packets

utilization channel utilization percentage of

time busy

losses packet loss rate

frame retries

loss percentage

buffer problems AP queue overflow

playout buffer underflow

packet drops

rebuffer events



25/171


25

12

1

11

8

4

7

2

6

9

10

14

5

13

15

3

Host

B

Host

C

Host

DHost

E

HostG

Host

J

HostA

Host

H

Host

F

Host

N

16

17

nodes

HostL

Host

M

WideAreaNetwork(WAN)


26/171


26

A ZXC

YB

LocalAreaNetwork(LAN)


27/171


27


AP

Client

Server


28/171

Outline

Performance Evaluation Computer Network Performance Metrics Performance Evaluation Techniques

Workload Characterization Simulation ModelsAnalytic Models

Empirical Measurement Studies What to measure? Choice of measurement tools The Design of Measurement Experiments


28


29/171

PerformanceEvalua@onTechniques

Workload characterization for computernetworks involves the design and choice oftraffic types that provide the inputs forcomputer network performance evaluation.

Performance measures of computernetworks are all dependent to some extenton the input workload, the network topologyand the choices in controlled parameters ornetwork default settings.

An evaluation study of a computer networkseeks to determine the values for network

performance indices under a given trafficworkload and network configuration.


29


30/171

TypicalNetworkTrafficTypes

Web Traffic between a Browser and an InternetServer.

Long-Lived File Transfers

FTP downloads.

Multimedia Streaming Video clip downloads (UDP and/or TCP)Audio VOIP (Voice Over IP)

Peer-to-Peer Exchanges Concurrent downloads and uploads Telnet file edits


30


31/171


31


AP

Client

Server


32/171

PerformanceEvalua@onTechniques

Models Simulation Modeling Analytic Modeling Both modeling techniques tend to rely on queuing theory.

Measurement Studies Empirical measurement of real networks Measurements where some aspect of the network architecture or

topology is emulated via software or hardware." The primary focus of this presentation is on the design andtechniques used in experiments to measure real computernetworks.


Networkevalua1onu1lizestheactualnetwork,anemulatednetworkoramodelofthenetwork.


33/171

ConceptualModels

Researchers utilize knowledge about theinteractions of network components to

understand and explain the workings of a

computer network via a conceptual model. Models are partitioned into simulation models or

analytic models. Both model types rely on

simplifying assumptions that that enable the

model to capture important characteristics ofnetworks (usually in terms ofnetworks ofqueues).


33


34/171

SimpleQueuingModel


34

Arrivals

Queue Server


35/171

NetworksofQueuesModel


35


36/171

Simula@onModels

Simulation attempts to reproduce the behavior ofthe network in the time domain.

Event-driven simulation defines a network interms of states and transitions where eventstrigger transitions.

Simulation is essentially a numeric solution thatutilizes systems of equations and data structures

to capture the behavior of the simulated networkin terms of logical conditions.


36


37/171

Simula@onModels

The three types of simulators are:Trace-drivenProgram-drivenDistribution-driven

The choice of the duration of a simulationrun is subject to the same issues of

estimating variance and variancereduction as found in the design ofempirical measurements.


37


38/171

Analy@cModels

Similar to simulation models, analytic modelsinvolve systems of equations.

Analytic models of computer networks usuallystart with a network of queues model anddevelop a system of equations that may or mayyield a closed form solution.

Analytic models of computer networks tend to bestochastic models built on the theory ofstochastic processes associated withindependent random variables.


38


39/171

Outline

Performance Evaluation Computer Network Performance Metrics Performance Evaluation Techniques

Workload Characterization Simulation ModelsAnalytic Models

Empirical Measurement Studies What to measure? Choice of measurement tools The Design of Measurement Experiments


39


40/171

EmpiricalMeasurementStudies

The planning phase objectives of an empirical measurement are:

1. To decide what to measure.2. To choose the measurement tools3. To design the experiments.

" Network measurements can be either active or passive. Active measurement involves purposely adding traffic to the

network workload specifically to facilitate the measurement (e.g.,sending packet pair probes into the network to estimate theavailable bandwidth along a flow path).

An example of a passive measurement tool is a network snifferrunning in promiscuous mode to collect information about allpackets traversing a network channel.


40

h ?


41/171

WhattoMeasure?

The overall objective of the computernetwork measurement study guides thechoice of performance indices to bemeasured.

Metrics are either direct or indirectindices. Indirect indices require sometype of data reduction process todetermine metric values.

Due to the large data volume associatedwith network traffic, measurement ofcomputer networks often involves filteringof data or events (e.g., It is common fornetwork measurement tools to onlyretain packet headers for off-linePerformance Evaluation of ComputerNetworks 41


42/171

NetworkMeasurementTools

While hardware probes provide the best qualitymeasurements, they are expensive and notalways available.

The availability of software tools for computernetworks depends on the ability to get inside thecomponents of the network protocol stack andthe ability to access nodes of the networktopology.

Network software measurement tools providehooks within the network layering software tocapture and store network measurement data.


42


43/171

ChoiceofMeasurementToolsKey issues in the usability of network

measurement tools are:

1. Tool location2. Interference or bias introduced by the tool.3.

Accuracy of the tool.

4. Tool resolution- This has become a problem with respect to the granularity

of system clocks relative to the speed of modern high

speed network links.

Performance Evaluation of ComputerNetworks 43


44/171



AP

Clients

Server


45/171

TheDesignofMeasurementExperiments

Measurement Experiments are divided into two major categories:

1. Live measurements With live empirical studies, the objective is to measure the

performance of the computer network while it is handling real traffic.

The advantage of this type of study is that the measurement involvesa real workload. One disadvantage of measuring live traffic is being convinced that

this measurement involves typical traffic for this network.

Another disadvantage of live traffic measurement is thatreproducibility of the exact same traffic workload is usually notpossible. This is problematic when the goal is to evaluate the impact

of changing network components on overall performance.



46/171

2. Controlled-traffic measurements

Traffic generator tools or traffic script files provide repeatable,controlled traffic workloads on the network being measured.

Controlled-traffic workloads are chosen when the goal of theperformance study is to evaluate the impact of different versions of anetwork component, strategy or algorithm on network performance.

Controlled, repeatable traffic makes it easier to conduct cause-and-effect performance analysis.

One difficulty with controlled-traffic is being confident in the accuracyof the traffic generator tool and the ability to conduct measurementexperiments where the traffic workload choices are adequatelyvaried to provide representative, robust network performanceevaluation.


TheDesignofMeasurementExperiments


47/171

MeasurementDesignDecisions

Understanding which network components (orindependent variables) significantly impact

network performance.

Deciding which network parameters are to becontrolled and/or held fixed during experimentalruns.

How long to run a single experiment? How many times to repeat an experiment?



48/171


Time (sec)

Throughput

(Mbps)


49/171


Time (sec)

RSSI(dB)


50/171


When to run experiments?Namely, to determine whether time of day or

other temporal periods influence performance

measurements.

How to control, minimize and/orunderstand physical phenomenon or

other interference sources that can

produce discrepancies and variability inthe measurement results?



51/171


Time (sec)

Throughput

(Mbps)


52/171


Time (sec)

RSSI(dB)


53/171


What data filters to use? How and where to store experimental results? Determining the best choices of graphical and

tabular forms of data representation to facilitate

network performance analysis while providing aclear view of the results of the computer

network performance evaluation.



54/171


Time (sec)

MACLayerRetries


55/171

Cumula@veDistribu@onFunc@on(CDF)



56/171

ComingAYrac@ons

Professor Claypool will discuss:

The Scientific Method applied toComputer Science

Statistical Techniques used inExperimental Measurement Design



57/171

SummaryoftheConcepts&Terms

learntsofar

15/02/13 (c)Dr.RahulBanerjee,SDETUnit,BITS-Pilani,INDIA 57

S N ki T


58/171

(c)Dr.RahulBanerjee,BITS,Pilani,India 58

SomeNetworkingTerms Repeaters / Repeater Hubs / Shared Hubs:

where usually Physical layer / level exist withL1-protocol data unit (raw bits) regenerationand onward transmission

Managed Hubs / Layer-2 Switching Hubs:where Physical and Data Link layers / levelsexist with ability to handle and deliver Layer-2-protocol data unit (frame)

Bridges: where Physical and Data Link layers /levels exist with L2-protocol data unit (frame)processing and forwarding

Switches: where Physical and Data Link and /or Network (sometimes even higher) layers /

levels exist with Layer-2 and / or Layer-3-


59/171

Thank you for your kind attention!

Any question please?

For further details, you may contact at:E-mail: [email protected] / [email protected]

or visit:Home: http://www.bits-pilani.ac.in/~rahul/

f


60/171

References Larry L. Peterson & Bruce S. Davie: Computer Networks: A

Systems Approach, Fourth Edition, Morgan Kaufmann / Elsevier,New Delhi, 2007.

IEEE 802 standards issued so far PLUS amendments like: 802.3ap-2007: IEEE Standard for LAN/MAN Specific

Requirements

Part 3: CSMA/CD Access Method and Physical Layer Specifications

Amendment 4: Ethernet Operation over Electrical Backplanes 802.11-2007 IEEE Standard for LAN/MAN Specific Requirements

Part 11: Wireless LAN Medium Access Control (MAC)and PhysicalLayer (PHY) Specifications

802.15.4a-2007 IEEE Standard for Telecommunications andInformation Exchange Between Systems; PART 15.4: Wireless MAC

and PHY Specifications for Low-Rate Wireless PANs (LR-WPANs) Amendment 1: Add Alternate PHY

802.1ag-2007 IEEE Standard for LAN/MAN Virtual Bridged LANs Amendment 5: Connectivity Fault Management

Dr. Rahul Banerjee, BITS, Pilani (India)


61/171

(c)Dr.RahulBanerjee,BITS,

Pilani,India 61

References A. S. Tanenbaum: Computer Networks, Fourth Edition, Pearson

Education, New Delhi, 2003. Mohammed G. Gouda: Elements of Network Protocol Design,

Wiley Student Edition, John Wiley & Sons (Pte.) Ltd.,Singapore, 2004.

Thomas G. Robertazzi: Computer Networks and Systems:Queuing Theory and Performance Evaluation, Third Edition,

Springer-Verlag, New York, 2000. S. Keshav: Computer Networking: An Engineering Approach,

Pearson Education, New Delhi, 1997.

A. Leon Garcia and I. Widjaja: Communication Networks:Fundamental Concepts and Key Architectures, Second Edition,Tata McGraw-Hill, New Delhi, 2004.

Baldwin, D.: Discovery Learning in Computer Science. InProceedings of the Twenty-seventh SIGCSE TechnicalSymposium on Computer Science Education, ACM, pp.222-226,February 1996.


62/171

NOTE:Some of the duly marked slides have been prepared withrespective input from BITS, UIUC, ETH-Zurich, MSR, UoW,

CMU, IETF, ITU, Sun, W3C, KU, CU, LU, IEEE PC as dulypermitted for academic and research use.

Use of copyrighted material from these and other

sources in the following slides is meant for pureacademic reference herein is thankfully acknowledged.

Wh i W b S i ?


63/171

WhatisaWebService?

A Web Service is simply a service available viathe Web Service can be implemented in any language. Problems with Web Services:

It is not practical to automatically find web services foryour needs

There is no built-in mechanism for payment for use of aweb service

There is no built-in security control When a web service changes (e.g., adds a parameter to its

method), the program using it breaks

h l b l


64/171

TheSimpleObjectAccessProtocol

SOAP stands for "Simple Object Access Protocol" Used for "Remote Procedure Calls", similar to:

IIOP (for CORBA) and RMI (for Java) Major Distinguishing Features:

SOAP is text-based (uses XML), not binary. It istherefore, Firewall-friendly

It is Programming Language-independent.Therefore, it can call a program in any language

IT uses standard port, since uses standard protocols


65/171

SOAP:RPC&DOC

SOAP is just a standard for sending messages (thusused as an envelope that encapsulates messages)

We can send two types of messages using SOAP: RPC: Remote Procedure Call, a request to call a method DOC: A document (this is used for more complex client -

server communication)

H d th SOAP W k?


66/171

HowdoestheSOAPWork?

SOAP Header Sec@on


67/171

SOAPHeaderSec@on

The SOAP Header can contain information that describes theSOAP request. Example:

5

Here, 5is the transaction ID of which this method is a part. SOAP envelope's mustUnderstandattribute is set to 1, which means

that the server must either understand and honor the transaction

request or must fail to process the message.

SOAP R E


68/171

SOAPResponseonError

There may be many errors in processing a SOAPrequest

Error in Running Method: Error in Processing SOAP Headers:

e.g., Problem running method as part of atransaction

The Main Players in SOAP


69/171

TheMainPlayersinSOAP

There are three components that take part in a SOAPapplication:

Client Application: A program that sends a SOAP request.Wants to use a service.

SOAP Processor: A program that can receive SOAP requestsand act accordingly (e.g., call an method of the Application

Server)

Application Server: A program that supplies the Web service


70/171

Applica@onServer:SomeSimple@ps

The application server providing any Web Service doesnot need anything special.

In fact, your application server need not know that it isbeing used for providing a Web Service!!

A bit th Cli t A li @


71/171

AbitontheClientApplica@on

The SOAP client needs to generate a SOAP request When using Java, you shall need the following packages

in your CLASSPATH to compile: soap.jar mail.jar activation.jar

Tips on Tomcat / Servlet & SOAP Processor


72/171

TipsonTomcat/Servlet&SOAPProcessor

Scenario

Your Tomcat web server needs a web application that isa SOAP Processor

Put soap.war in your /webapps directory To actually run the SOAP Processor, it needs the

soap.jar, mail.jar, activation.jar files in its classpath

Easiest way to get the files in its classpath: Add them tothe directory /lib

Crea@ng the Applica@on Server


73/171

Crea@ngtheApplica@onServer

package hello;

public class HelloServer {public String sayHelloTo(String name) {

return "Hello " + name +

", How are you doing?";}

}

Note:Putapplica@oninapackage.Createajarfilefromthepackageandputthepackagein/lib,sothatitwillbeinTomcat'sclasspath

D l i th W b S i


74/171

DeployingtheWebService

The SOAP Processor must be told aboutyour application. This is called "deploying"

Deployment is a two-step process:Create a deployment descriptorCall the java command that deploys the web

application

Deployment Descriptor


75/171

DeploymentDescriptor

org.apache.soap.server.DOMFaultListener

Thescopeofthe

Objectusedtofulfill

theSOAPRequest.

Applica1onmeansthatallSOAP

requestswillbesent

tothesameobject.

Deployment Descriptor


76/171

DeploymentDescriptor

org.apache.soap.server.DOMFaultListener

Scope of Web Service


77/171

ScopeofWebService

page: The service instance is available until a responseis sent back or the request is forwarded to anotherpage

request: The service instance is available for theduration of the request, regardless of forwarding session: The service instance is available for the entiresession

application: The same service instance is used toserve all invocations

Which of these scope values require us to thinkabout synchronizing access to data members andmethods?

Comple@ng the Deployment


78/171

Comple@ngtheDeployment

Save the deployment descriptor in a file, e.g.,HelloDescriptor.xml

Run the command:java org.apache.soap.server.ServiceManagerClient http://

:/soap/servlet/rpcrouter deploy HelloDescriptor.xml

where and are those of Tomcat

Note that Tomcat must be running for this to workYou can get a list of all deployed web services

using the commandjava org.apache.soap.server.ServiceManagerClient http://

:/soap/servlet/rpcrouter list

Undeploying a Service


79/171

UndeployingaService

You can undeploy a web service, so that itis no longer recognized by the SOAP

Processor using the command

java org.apache.soap.server.ServiceManagerClient http://:/soap/servlet/rpcrouter undeploy urn:helloApp

Note that the last argument is the URI ofthe web service to be removed

Whatmusttheclientdo:A


80/171

SummaryNote

Create the SOAP-RPC call Set up any type mappings for custom parameters Set the URI of the SOAP service to use Specify the method to invoke Specify the encoding to use Add any parameters to the call Connect to the SOAP service Receive and interpret a response

Note on Parameters


81/171

NoteonParameters

It must be possible to "serialize" the parameters thatthe method invoked receives and returns.

The following have default serialization/deserialization:

primitive types: int, long, double, etc. primitive Objects: Integer, Long, Double, String, etc. complex Objects: Vector, Enumeration, Hashtable, arrays easy to use JavaBeans

Crea@ngtheServer


82/171

g

When the application server is a script, thescript is actually put in the deployment

descriptor

Need the jar files bsf.jar andjs.jar Put them in your /lib

directory


83/171

UDDI-UniversalDescrip@on,

DiscoveryandIntegra@onService

UDDIisastandardfordescribingand

findingwebservices

UDDI Business Registry (UBR), Public


84/171

UDDIBusinessRegistry(UBR),Public

Cloud

Nodes contain all UDDI information Nodes are synchronized, so they retain the

same data

You can query any nodeYou can add UDDI to a node, and it will be

replicated to all others

Interac@ng with the UDDI


85/171

Interac@ngwiththeUDDI

UDDI is itself a web service!!! Interaction is via SOAP messages The JAXR package defines a standard way to interact

with registries (can work with other types of registriestoo, e.g., ebXML)

Two types of interaction:

Inquiry: Does not need authentification Publish: Needs authentification


86/171

WSDL-WebServicesDescrip@onLanguage

Describing a Web Service


87/171

DescribingaWebService

SOAP is just one standard to access a web service,there are many others (XML-RPC)

Need a standard way to describe a Web Service: the methods available their parameters etc.

WSDL is a standard for describing web services usingXML

UPnP Services


88/171

UPnPServices

Description is stored as XML file Control via SOAP messages: SOAP developed for

web service

Most every language/platform has SOAP/XMLlibraries

Event notification with XML in General EventNotification Architecture

Presentation URL can be supplied by device

TheOSGi


89/171

OSGi is open, standards-based, language-neutral and OS-neutral

Consists offramework in which bundles ofservices that register with a registry can run

Runs atop the Java 2 Runtime Environment(J2RE)

OSGi Service Specifica@ons


90/171

OSGiServiceSpecifica@ons

Logging service Web server Device access Configuration service Preferences service

User administrationservice

Permissionadministrationservice

Packageadministration

service

ClientAuthen@ca@onovertheInternetworks


91/171

There exist four possibilities: No Authentication Basic Authentication Moderate Authentication Advanced Authentication

Basic Authentication: It may be provided as an extension tothe HTTP 1.1 (HHTP: RFC 2616, Extn.: RFC 2617)

Moderate Authentication: Digest Access Authenticationusing Challenge-Response technique

Advanced Authentication: There are two choices, dependingupon the requirements:

Kerberos-based Authentication (K-5: RFC 1510) Public-Key Cryptography-based Authentication (SSL:

RFC 2246, TLS: RFC 2818)

BASIC AUTHENTICATION


92/171

Client may use it to authenticate itself toeither the Origin Server or an intermediateProxy Server.

In this basic scheme, if an unauthorizedaccess attempt is made by a client, server /proxy sends it back an Error Code: 401 /407: Unauthorized Access Error

However, server / proxy may ask / challengethe requesting client to supply / respond toone or more pieces of information and if the

client sends the correct iece s in its

AUTHENTICATION


93/171

AUTHENTICATION

In this scheme, users ID and his/herpassword are transmitted using base64-endedplaintext.

This clearly is as insecure as the defaultTelnet authentication scheme.

Moderate andAdvanced schemes ofauthorization attempt to tackle this issue byoffering cryptographic measures.

ModerateAuthoriza@onusingDigest


94/171

Access

In this case, a client requesting a restrictedservice receives a nonce-challenge from theserver and is expected to generate a

message digestusing this nonce containingthe user Id, password, numeric value of thereceived nonce, the requested HTTPmethod and the URI.

This digest is then transmitted over theinsecure network to the server who upon

receipt, knowing the nonce and algorithm

AdvancedAuthen@ca@onusingSSL/TLS


95/171

TLS

In this case, as discussed earlier, if a client requestsan access to a restricted service, the servergenerates a random secret / challenge to the client.

Client is expected to respond by signing the sentchallenge by using its Private Key and transmit thissigned response along with its digital certificate.

Upon receipt, the server verifies the authenticity ofthe certificate, extracts clients public-key from it

and using this verifies the clients signature.

If the process succeeds, the client is granted accessto the requested service / resource.

Applica@onsonrespec@ve


96/171

devices/deviceclusters

Client-side Issues,

Middleware-specific Issues

Server-side Issues

Role of Network Security in


97/171

RoleofNetworkSecurityin

PervasiveCompu@ng

Environments

Interac@on Points


98/171

Interac@onPoints

Brief introduction to Network andinternetwork Security Principles

Various forms and mechanisms ofsecurity

Influence of Network Security onPervasive Computing Systems

Discussion

Networks Internetworks & Security


99/171

(c)RahulBanerjee,BITS,

Pilani(India) 99

Networks,Internetworks&Security

Network AComputer Network is an interconnected group of autonomouscomputing nodes which:

Use a well-defined, mutually-agreed set of rules and conventionsknown as Protocols,

Interact with one-another meaningfully; Allow resource-sharing preferably in a predictable and controllable

manner.

Internetwork A network of two or more networks is called an Internetwork Participating networks in an Internetwork may be

interconnected for restricted or unrestricted resource sharing

Security Security is often viewed as the need to protect one or more

aspects of networks operation and permitted use (access,behaviour, performance, privacy and confidentiality included),

Security requirements may be Local or Global in their scope,depending upon the network

s or internetwork

s purpose ofdesi n and de lo ment.

Criteria for Evaluating Security Solutions


100/171

(c)RahulBanerjee,BITS,Pilani

(India) 100

g y

Abilitytomeetthespecifiedneeds/requirementsEffec@venessofApproachAcrossNetworksCompu@ngResourcesNeededvis--visthevalueoftheprotec@onoffered

QualityandScalabilityAvailabilityofMonitoringmechanismsAdaptabilityandFlexibilityPrac@cabilityfromSociological/Poli@calperspec@veEconomicconsidera@ons&Sustainability

Classifica@on of Security Problems: Access


101/171


Pilani(India) 101

Classifica@onofSecurityProblems:Access

BreachesinInternetworks

(S/W&H/W)Inten@onal/Non-Inten@onalAccessBreaches

Origin-basedAccessBreachesCentralized/DistributedAccessBreachesServiceBlocking/Overwhelming/Redirec@on/Abuse/Modifica@on/Termina@on-basedAccessBreaches

Periodic/AperiodicApplica@on-Data/Control-DataAccessBreachesEvent-basedAccessBreaches

Storage-basedAccessBreaches

Of Security AYacks, Security Threats, Security


102/171


Pilani(India) 102

OfSecurityAYacks,SecurityThreats,Security

MechanismsandSecurityServices

Security Attack => compromises theinformation-system security

Security Threat => has potential for securityviolation

Security Mechanism => detects / locates /identifies / prevents / recovers from security

attacks

Security Service => enhances security,makes use of the security mechanisms

Ac@ve versus Passive AYacks


103/171


Pilani(India) 103

Ac@veversusPassiveAYacks

Active attacks involve active attemptson security leading to modification,redirection, blockage or destruction ofdata, devices or links.Examples:

Replay attacks Masquerade attacks Modification / corruption of data or access

control bits

Denial-of Service attacks Passive attacks involve simply

getting access to link or device andconsequently data.

A typical Internetwork Model of Security


104/171


Pilani(India) 104

AtypicalInternetworkModelofSecurity

Par@esinvolved: Sender Receiver Interceptor(Passive/Ac@ve)

Devicesinvolved: TransmiYer Receiver Encoder Decoder

Linksinvolved: DataandControlsignaltransmissionlinks

Iden@fica@onofSourcesofSecurity


105/171


Pilani(India)105

Problems

Importance of Identification of sources Strategic importancefor planning, preventing

and / or countering

Importance with respect to Sensitivity-analysisand Economic-impact-analysis and pro-activeprotection

Possible Approaches for Analysis Monitoring-based approaches

Log-basedAgent-based

Non-monitoring approaches Model-based Experimental Replication-based

Role of Cryptography, OS & Configura@on


106/171


Pilani(India)106

RoleofCryptography,OS&Configura@on

Role of Cryptography Secret-key cryptography Public-key cryptography

Role of Operating Systems Built-in OS Security at the Kernel-level Support for Cryptographic APIs Network Protocol Stack implementation

decision-based security

Role of Configuration in Security

Network configuration OS configuration

Application configuration Security System configuration

On the Internetwork Cryptography


107/171


Pilani(India)107

OntheInternetworkCryptography

Internetwork Cryptography aims to handle internetwork-specific or network-specific issuesand

problems involving authentication, integrity andsecrecy / confidentiality / privacy.

Cryptography can existwith or withoutnetworks but Internetwork / NetworkCryptography specifically addresses theInternetwork / Network needs /requirements and is thus a subset of generalcryptography.

Symmetric-KeyCryptography


108/171


Pilani(India)108

y y yp g p y

Symmetric-Key cryptography is calledso since in this class of cryptographicalgorithms, encryption as well asdecryption processes are performed

using the same (i.e. symmetric) key.

The algorithms / schemes / programsthat use this paradigm are often

termed as Symmetric-Key Ciphers /Private-Key Ciphers / Secret-KeyCiphers / Conventional Ciphers etc.

In such cases, Plaintext, Encryption-

CharacterizingtheSymmetricKeyCiphers


109/171


Pilani(India)109

g y y p

This is often done by: Choice ofkey-space Key-derivation / identification within the key-

space

Number of cycles involved in encryption /decryption process

Choice of operations (or choice of type ofoperators) that are used in the process ofencryption / decryption

Number of internal algorithms that form the finalscheme of enciphering / deciphering Role, if any, of the compression algorithms /

schemes in adding the security value

SomeMoreBasics


110/171


Pilani(India)110

Any cryptographic scheme is safe if andonly if it is unbreakable in reasonabletime using feasible resources in spite ofthe intruders being aware of:

Encryption and decryption algorithm Size of the key Kerckhoffs Principle: Security of

conventional encryptiondepends

only upon the Secrecy ofthe Key, andnot on the Secrecy of theAlgorithm.

Strength of the algorithm and the size ofkey remain two important factors in

OntheSecureDeploymentofthe

Conven@onal (Secret Key) Cryptography


111/171


Pilani(India)111

Conven@onal(Secret-Key)Cryptography

Requirements for securedeployment of conventionalcryptography:

Availability ofa strongEncryption Algorithm Secure distribution ofthe Secret Key to the intended

recipients

Kerckhoffs Principle remains a guiding

line for the research on conventionalcryptography and its real-life use ininternetworks.

Uncondi@onallySecureVersusComputa@onallySecure

h


112/171


Pilani(India)112

Encryp@onSchemes

Unconditionally Secure Encryption schemes: Here, the generated Ciphertext simply does not have

adequate informationto allowdiscovery ofthe uniqueplaintextirrespective of the amount of Ciphertext

available (as well as irrespective of the computational

resource available) to the attacker.

Computationally Secure Encryption schemes

Here, the cost of decipheringexceeds the value ofenciphered information

Time needed to decipherexceedsthe lifetime of theenciphered information

DigitalSignatures


113/171


Pilani(India)113

A Digitally-signed Communication is amessage that has been processed by acomputer in such a manner that ties themessage to the individual that signedthe message.

Criteria for Digital SignaturesTechnology: An acceptable technology must be capable of

creating signatures that conform to

requirements:It is unique to the person using it;It is capable of verification;It is under the sole control of the person

using it;

Signature Dynamics


114/171


Pilani(India)114

SignatureDynamics

TheSignatureDynamicsTechnology: Itisanacceptabletechnologyforusebypublicen@@esthatusesasthemeansthemetricsoftheshapes,speedsand/orotherdis1nguishing

featuresofasignatureasthepersonwritesitbyhand.

Itinvolvesbindingthemeasurementstoamessagethroughtheuseofcryptographictechniques.

SignatureDigestistheresul@ngbit-stringproducedwhenasignatureis@edtoadocumentusingSignatureDynamics.

DigitalCer@ficates


115/171


Pilani(India)115

Digital Certificate: It refers to acomputer-based record which:

identifies the certification authorityissuing it;

names or identifies its subscriber;contains the subscriber's public key;

and

is digitally signed by the certificationauthority issuing or amending it &

conforms to widely-used standards.

Relatedterms:


116/171


Pilani(India)116

Related terms:

Certification Authority: This refers to anentity that issues a certificate, or in the caseof certain certification processes, certifiesamendments to an existing certificate.

Key Pair: This refers to a private key and itscorresponding public key in an asymmetriccryptosystem. The keys have the property

that the public key can verify a digitalsignature that the private key creates.

AfewmorepointsonDigitalCer@ficates


117/171


Pilani(India)117

One of the simplest ways to describe the function of aDigital Certificate is to treat it as a means to verify thegenuineness of the Public-Key.

Just as the individuals / groups are normally assignedDigital Signatures, the corporate merchants and E-Commerce / I-Commerce Gateways are issued DigitalCertificates for proving their authenticity to others.

Certificate Expiry: Most of the certificates have theirperiod of legal validity as marked by the issuingentity / authority, after which it is considered asinvalid or expired.

Certificate Revocation: If the Certificate is found to becompromised, it may be explicitly revoked by theCertificate Authority (CA) and included in thesubsequently published Certificate Revocation List.

Certificate Validation: It refers to the verification ofthe Certificate Chain.

WhoarethecommonCer@ficate


118/171


Pilani(India)118

Authori@es?

AspertheSecureElectronicTransac@ons(SET)standard,thefollowingCAsmayexist:1. TheRootCer@ficateAuthority(RCA)2. TheBrandCer@ficateAuthority(BCA)3. TheGeo-Poli@calCer@ficateAuthority(GCA)

4. TheMerchantCer@ficateAuthority(MCA)5. ThePaymentGatewayCer@ficateAuthority

(PGCA)

6. TheCardholderCer@ficateAuthority(CCA) Cer@ficateCategories:

1. MerchantCer@ficates2. CardholderCer@ficates

The Hierarchical CA Architecture


119/171


Pilani(India)119

TheHierarchicalCAArchitecture

The Root Certificate Authority (RCA)

The Brand Certificate Authority (BCA)

The Geo-Political Certificate Authority(GCA)

MCA PGCA CCA

Merchant

Certificates

Payment

Gateway

Cardholder

Certificates

Whoissuesandsignsthe


120/171


Pilani(India)120

Cer@ficates?

A Certificate Authority is a Trusted entitythat issues, monitors, revokes, modifiesand cancels digital certificates for a

subscribers holding / requiringcertificates.

A digital certificate is signed with CAsprivate key.

In principle, certificates can be of severaltypes including Institutional AuthorityCertificates and Web Server Certificates.

Stepsinvolved


121/171


Pilani(India)121

1.A pair of Private and Public keys is created bythe Requester.

2.Requester generates and encrypts a CertificateRequest using its private key and sends thecertificate request to your chosen CA .

3.CA initiates and completes a process to verifythe correctness of the information supplied bythe Requester.

4.The certificate for the Requester (who hereafterbecomes a Subscriber) is signed by a device that

holds the private key of the CA.5.The certificate is sent to the Subscriber.6.A copy of the issued Certificate is kept in

certificate repository / directory (so that usingLDAP etc. Certificates could be retrieved).

Cer@ficaterevoca@on


122/171


Pilani(India)122

Certificate revocation: Canceling acertificate before than its originallyscheduled validity period.

Certificate Revocation Lists (CRL)A CRL is a time-stamped list ofrevoked certificates

Online Certificate Status Protocol isused for online verification.

TrustedversusUntrustedNetworks


123/171


Pilani(India)123

My Network (PAN/LAN) Fully Trusted Partly Trusted

Our Network (LAN/MAN/WAN/WAI) Fully Trusted Partly Trusted Unsure

Other Networks (LAN/MAN/WAN/WAI)

Partly Trusted Untrusted

TheNetworkPerimeter


124/171


Pilani(India)124

A Network / Internetwork Perimeter is asecure boundary of a network that mayinclude some or all of the following:

Firewalls Routers IDSVPN mechanisms DMZ Screened subnets

DMZ is outside the Firewall Screened subnet is an isolated sub-

network connected to a dedicatedfirewall interface

IntrusionDetec@onSystem


125/171


Pilani(India)125

Intrusion Detection System (IDS) isa system that comprises of mechanisms / devices

involving one or more IntrusionDetection Sensors (traffic monitoringdevices / mechanisms) placed atsecurity-wise strategic locations; and,

Has been designed to detect anyknown or likely intrusion into theprotected network.

Types of IDS: Network-based IDS (NIDS) : Subnet-resident Host-based IDS (HIDS) : Host resident

Sensor reporting may involveseveral forms like logs, database

InternetworkFirewall


126/171


Pilani(India)

126

Firewall is an internetwork securitydevice that

serves on the only access route thatconnects the internal network /internetwork (i.e. the segment to be

protected) to the external network (s) /internetwork (s); and,

decides about physically allowing / denyingentry / exit to / from the protected segment

using a set of policies (often manifested interms of rules) is called a Firewall.

A Firewall may be implemented inhardware / software / firmware or acombination of these.

Characteris@csofInternetFirewalls


127/171


Pilani(India)

127

Characteristically, an Internet Firewall exhibits securitymeasures and internetwork-control-mechanisms relatedto but not necessarily limited to: Internet services as separated from the intranet services Service-based directional traffic User-specific / Class-specific / Group-specific service access Service-usage / deployment-behaviour Origin-specific / Destination-specific service / traffic /

monitoring / QoS-security bindings

Relaying / blocking / redirection of encapsulated and / orencrypted traffic

A common assumption (though debatable) made is thatthe Firewall itself is incorruptible / impenetrable

A firewall works under the assumption that it is solelyresponsible for blockade / allowance of any trafficbetween two or more than two networks / internetworksseparated by it.

Whatdoesafirewalldo?


128/171


Pilani(India)

128

As part of an Internetwork Security System, a

firewall:Allows defining exit and entry points for traffic

from and to the internal protected network /intranet

Offers a set of mechanisms and a set of locations /points for supervising security-sensitive activities /events / behaviour

Provides network-level encapsulation, encryption,decryption, decapsulation, tunnelling services

Permits a variable-security facility-zones creationthat may also offer some functionalities notnecessarily related to the security function that isthe primary function of the firewall

Supports creation and interpretation of structuredlogging mechanisms and files for a variety of

ur oses.

WhataFirewalldoesnotdo?


129/171


Pilani(India)

129

A Firewall is not meant for:

Virus / Worm / Trojan Horse / Logicbomb detection

Virus / Worm / Trojan Horse / Logicbomb removal

Semantic analysis of the application-to-application messages with certainexceptions

Protecting a network / internetworkfrom a trusted entity (client / server /user) or an internal authorized userwith adequate privileges

Protecting from power, link or protocolfailure

Cons@tuents&TypesofaFirewall


130/171


Pilani(India)

130

Firewall Constituents:(some of these can serve as firewalls aswell)Application-level Gateways and Proxies Transport-level / Circuit-level Gateways and Proxies Network-level Gateways / Routers Packet filters (also known as Static Packet Filtering

Firewalls)

Bastion Host Screened Host

Types of Firewalls: Stateless Firewalls Stateful Inspection-based Firewalls Perimeter Firewalls Screened Host Firewalls Intranet Firewalls Internet Firewalls Extranet Firewalls

Examples of Commercial Firewalls


131/171


Pilani(India)

131

ExamplesofCommercialFirewalls

Static Packet Filtering Firewall(implemented on a Router):

Example:

Nortels Accellar Router

Firewall Proxy Firewall:

Example:

Secure Computings

Sidewinder Firewall

Stateful Inspection-basedFirewall:

Example:

VirtualPrivateNetworks


132/171


Pilani(India)

132

AVirtual Private Network (VPN) is a mechanismthat allows establishment of aprotected session

betweentwo network nodes / serviceslocated in / ontwo different protected networks / internetworksseparated by unprotected / untrusted / insecure(often public) networks / channels / infrastructure.

Example: Nortels Contivity, Ciscos VPN 3000Concatenator Another perspective: SSH, TLS, SSL, IPSec, L2TP,PPTP are choices providing different types ofsecurity at different layers.

Although, all of these could be reused in anappropriately designed VPN mechanism, often theL-3 and L-2 mechanisms are preferred by manyVPN designers.

Often, people refer to a VPN as a security device /mechanism on the perimeter of the protectednetwork / internetwork that allows encrypted

sessions.

AdvantagesofVPNs


133/171


Pilani(India)

133

g

Capability to access remotenetwork as if there exists aprivate channel to that network

Several security optionsavailable to provide a range ofsecurity

Adequacy of lower-strengthencryption schemes on certain

occasions Cost-effective if well-designed,

well-implemented and well-configured

Can be uickl im lemented

DisadvantagesofVPNs


134/171


Pilani(India)

134

Requirement of encryption, decryption,encapsulation and decapsulation induce a sizeableprocessing overhead, packet overhead and storageoverheads and may introduce latency as well asincrease cost of service

In some cases, if designed ad-hoc, certain networkinstallations may pose additional challenges inadding the VPN functionality due to the addedoverhead in packet processing.

Intricate design issues, unless handled carefully,may actually serve to lower the network

performance without really bring correspondingincrease in the security level of the network.

Implementation issues include VPN pass throughissues, NAT-specific issues and MTU-size relatedissues

DefiningtheControlZone


135/171


(India)

135

g

The Control Zone:Consider a typical electronically controlled device like atape drive, hard disk drive or other gadget that operates in

an unshielded environment. Each such device emits signals

that can be sensed within a zone called Control Zone.For security reasons, it is important that:

No important information about any device operationleaks out of the target environment

No external body should be able to make use ofcontrol or data signals related to this device

TheConceptofSecurityServices


136/171


(India)

136

Authentication ServiceAccess Control ServiceAvailability ServiceConfidentiality ServiceIntegrity ServiceIdentification: Author, Authorization, Endorsement,Approval, Access, Concurrence, Licensing, Certification,

Signature, Witness, Validation, Timestamps, Authenticity,

Ownership, Registration, Privacy / Confidentiality /Secrecy

Non-Repudiation Service

GSM network architecture


137/171

GSM network architecture

BSC

MSBTS

EIR

AUC

HLR

VLR

MSC

OMC

Um

A-bis

Voice Traffic

Mobility

mgt

A

PSTN/ISDN

(c) Source: http://choices.cs.uiuc.edu/MobilSec/posted_docs/

800,900,1900Mhz

Licensed&

expensiveSubscribermodelStartedoutlikePSTN,and

gengmore

complexPre-paid,

premiumrateSMS

WAP security architecture

WirelessApplica@onProtocol


138/171

WAP security architecture


Bluetooth security architecture


139/171

Bluetooth security architecture

(c) http://www.cs.hut.fi/Opinnot/Tik-86.174/Bluetooth_Security.pdf

IEEE 802.11 architecture


140/171

(c) Source: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/winxppro/reskit/prdc_mcc_ardu.asp

Mobile IP


141/171

Mobile IP

Foreign Agent (FA)Home Agent (HA)

[email protected]

(c) Source: http://www.iab.org/Workshops/IAB-wireless-workshop/

Bindingupdateissue:IfIchangeFAhowdoItellhomeagentandpreviousFAsuchthatno-oneelsecanspoofthatmessage?

Andinaperformant,scalablemanner?MobileIPv6hasthisproblem(noFAthough,justcare-ofaddress)

J2ME


142/171

J2ME

J2ME includes somesecurity primitives forcode signing and tosupport (some)

application security

(c) Source: http://choices.cs.uiuc.edu/MobilSec/posted_docs/ & (c) Sun Microsystems Inc.

Common security issues

O h i (OTA) fid i li


143/171

Over the air (OTA) confidentialityBut don't ignore e.g. Microwave links usedafter a base station!

Data origin authentication/integrity forsome data and some origins

Bad use of cryptography Various types of fraud

Cloning of hostsRe-direction to premium rate

Authentication of node or user?

Security relevant differences


144/171

Security relevant differences

GSM's subscription model vs. 802.11'slack of a subscriber model

GSM Security


145/171

GSM Security

A3

Mobile Station Radio Link GSM Operator

A8

A5

A3

A8

A5

Ki Ki

Challenge RAND

KcKc

mi Encrypted Data mi

SIM

Signed response (SRES)SRESSRES

Fn Fn

Authentication: areSRES values equal?

GSM crypto breaks


146/171

Several researchers have developed breaksof GSM's use of encryption

Typically involve some known plaintext and quiteintensive (though do-able) memory and processing

e.g. Goldberg, Wagner, Green: requires difference in theplaintext of two GSM frames, which are exactly 2^11frames apart (6 seconds) with time complexity of 2^16 dotproducts of 114 bit vectors.

Base stations can also be impersonated

No authentication of BSC to ME!


GSM Attack Details


147/171

GSM Encryption uses A5:A5/0 no encryptionA5/1 - strong encryptionA5/2 - export (i.e. designed weak) encryption

All use a 64-bit key generated from thenetwork's challenge

Same key bits regardless of algorithm!!!

GSM Attack Details (2)


148/171

A5 is a stream cipherApplied after error correcting bits are

added

even though the attacker might not knowthe values of particular input bits,

they know that certain groups of them XORto 0

taking the same groups of encrypted bitsand XORing them

reveals the corresponding XOR of thekeystream bits



149/171


Numbers:A5/2 passive attack (eavesdropping)

requires milliseconds of ciphertext!

A5/1 ciphertext only attack: 5 minutes of intercepted frames (doesn't have

to be one call)

4.4 terabytes of disk a lab full of 2003 AD type PCs for a year's worth

of one-time precomputation

Active attacks: bid down to A5/2

Wardriving / boating

IEEE802.11security


150/171

g g

http://www.catalina42.org/war-sail/

Picking up IEEE 802.11access points as you cycle/drive/fly/sail past Many of these give(sometimes intentionally)open access to the Internet

802.11 security overview


151/171

Good setup depends on network topology There are a few choices

WEP is broken and IPsec should be usedinstead as much as possible (probably intunnel mode)

TLS should then be used wherever sensible aboveIPsec (e.g. IMAP over SSL)

Then secure applications should be usedwhere possible

Probably based on proprietary protocols (whichmay make use of standard constructs likePKCS#7)

WEP Encapsulation


152/171

p

802.11 Hdr Data

WEP Encapsulation Summary:

Encryption Algorithm = RC4Per-packet encryption key = 24-bit IV concatenated to a pre-shared keyWEP allows IV to be reused with any frame

Data integrity provided by CRC-32 of the plaintext data (the ICV)Data and ICV are encrypted under the per-packet encryption key

802.11 Hdr DataIV ICV

Encapsulate Decapsulate

Properties of Vernam Ciphers(1)


153/171

( )

The WEP encryption algorithm RC4 is a Vernam Cipher:

Pseudo-randomnumbergeneratorEncryption Key K

Plaintext data bytep

Random byte b

Ciphertext data bytec

Decryption works the same way:p = cb

Properties of Vernam Ciphers(2)


154/171

( )

Thought experiment 1: what happens whenp1 andp2 areencrypted under the same random byte b?

c1 =p1b c2 =p2bThen:

Conclusion: it is a very bad idea to encrypt any two bytes of datausing the same byte output by a Vernam Cipher PRNG.

c1c2 = (p1b) (p2b) =p1p2

How to Read WEP EncryptedTraffic (1)


155/171

Traffic (1)

By the Birthday Paradox, probability Pn two packets will share same IVafter n packets is P2 = 1/2

24 after two frames and Pn = Pn1 + (n1)(1Pn1)/224 for n > 2.

50% chance of a collision exists already after only 4823 packets!!!Pattern recognition can disentangle the XOR-ed recovered plaintext.Recovered ICV can tell you when youve disentangled plaintext correctly.After only a few hours of observation, you can recover all 224 key streams.

802.11 Hdr DataIV ICV

24 luxurious bits Encrypted under Key +IV using aVernam Cipher

How to Read WEP Encryptedff ( )


156/171

Traffic (2) Ways to accelerate the process:

Send spam into the network: no pattern recognitionrequired!

Get the victim to send e-mail to you The AP creates the plaintext for you!

Decrypt packets from one Station to another via anAccess Point

If you know the plaintext on one leg of the journey, you canrecover the key stream immediately on the other

Fixing WEP Protect against ALL known threats:


157/171

g IV Collisions Weak Keys Message Forgery Replay Two alternatives: Short-term and long-term

Short-term: Temporal Key Integrity Protocol (TKIP) Does not require new hardware (but firmware/

software)

Some performance penalty Longer term

Move to AES based primitives with proper keymanagement

The 802.11x security scheme


158/171

A reasonable 802.11configuration


159/171

g

http://csrc.nist.gov/publications/nistpubs/800-48/NIST_SP_800-48.pdf

WLAN topologies


160/171

p g

Sensible network topologiesCorporate (small WLAN)Corporate (widespread WLAN)Service providerVolunteerism

Network topology issuesNetwork accessAddress allocation (DHCP)NAT/private addressesFirewall location and rulesets

Some Interesting Networks Mobile Ad-hoc networks:


161/171

Idea is that a network emerges from nodeswhich just happen to be in the vicinity(AODV)

Delay tolerant networks Sensor networks Issues:

Mainly academic at the momentSecurity not really thought all the waythrough for these yet

Pervasive / Ubiquitous Computing

Wh t if l d d l d f thi (d TV


162/171

What if loads and loads of things (doors, TVs,couches) were nodes on a network? Hot topic How do you secure these systems?

TCD and partners SECURE project http://secure.dsg.cs.tcd.ie/

Conclusions (1)


163/171

There are a range of different types of mobilenetwork GSM and 802.11 are the interesting ones

Security hasn't been handled well for these Nor was it for the wired Internet for a loooong time! There are substantial security problems with

today's deployed mobile networks

So, overlaying a VPN is probably a good ideain most cases

And overlay that with TLS and that with applicationsecurity if you can

Conclusions (2)

U ll l i t l f bil


164/171

Users are generally less in control of mobilenetworks Bandwidth is allocated Manufacturer/Operator/Subscriber model differs

from wired Internet

e.g. Closed operating systems Network security is given and not easily fixed/

managed

So, try to gain control of your applications andtry to secure the applications themselves Better if wireless technology changes anyway Can create a porting headache though

Acknowledgements


165/171


Pilani(India)165

Some of these slides have been inspiredby / borrowed from some well-receivedpresentations made in different partsof the world.

All inspired / reused slides either carrytheir respective copyrightinformation on them or have beenacknowledged about their sources in agroup just after / before their respectiveusage herein.

These slides are being used here purelyfor instructional purposes during a livesession for the registered students of

Anyques@ons?


166/171


Pilani(India)166

Thank you!


167/171

Case-StudyofofaNetwork-Based

Mul@-siteCollabora@onSystemDesign

BITS-Connect 2.0 built atop theMPLS Cloud, not cloud computing!


168/171


Project BITS-Connect 2.0

The Immersive Tele-presence Rooms

Thi i h


169/171


This is how an18-seaterimmersive tele-

presence room

looks like at all

the Indiancampuses.

Chancellorsofficeisequippedwith

onetwo-seater

system

References


170/171

Larry L. Peterson & Bruce S. Davie: Computer Networks: A Systems Approach,Fifth Edition, Morgan Kaufmann / Elsevier, New Delhi, 2011.

S. Keshav: Computer Networking: An Engineering Approach, PearsonEducation, New Delhi, 1997.

A. S. Tanenbaum: Computer Networks, Fifth Edition, Pearson Education, NewDelhi, 2012.

Y. Zheng and S. Akhtar: Networks for Computer Scientists and Engineers,Oxford University Press, New York, 2002.

A. Leon Garcia and I. Widjaja: Communication Networks: FundamentalConcepts and Key Architectures, Second Edition, Tata McGraw-Hill, New Delhi,2004.

Mohammed G. Gouda: Elements of Network Protocol Design, Wiley StudentEdition, John Wiley & Sons (Pte.) Ltd., Singapore, 2004.

Thomas G. Robertazzi: Computer Networks and Systems: Queuing Theory andPerformance Evaluation, Third Edition, Springer-Verlag, New York, 2000.

15/02/13 (c)Dr.RahulBanerjee,BITSPilani,INDIA 170

References


171/171

Larry L. Peterson & Bruce S. Davie: Computer Networks: A Systems Approach,Fifth Edition, Morgan Kaufmann / Elsevier, New Delhi, 2011.

S. Keshav: Computer Networking: An Engineering Approach, PearsonEducation, New Delhi, 1997.

A. S. Tanenbaum: Computer Networks, Fifth Edition, Pearson Education, NewDelhi, 2012.

Y. Zheng and S. Akhtar: Networks for Computer Scientists and Engineers,Oxford University Press, New York, 2002.

A. Leon Garcia and I. Widjaja: Communication Networks: FundamentalConcepts and Key Architectures, Second Edition, Tata McGraw-Hill, New Delhi,2004.

Mohammed G. Gouda: Elements of Network Protocol Design, Wiley StudentEdition, John Wiley & Sons (Pte.) Ltd., Singapore, 2004.

Thomas G. Robertazzi: Computer Networks and Systems: Queuing Theory andPerformance Evaluation Third Edition Springer-Verlag New York 2000

CSC461-CN-Lecture-15-Feb.-13-2013

Documents

Transcript of CSC461-CN-Lecture-15-Feb.-13-2013