Presentation is loading. Please wait.

Presentation is loading. Please wait.

TIP: Transaction Internet Protocol n Proposed as an Internet Standard. Backed by Microsoft and Tandem.Backed by Microsoft and Tandem. n Heterogeneous Transaction.

Published byEvangeline Hodges Modified over 8 years ago

Similar presentations

Presentation on theme: "TIP: Transaction Internet Protocol n Proposed as an Internet Standard. Backed by Microsoft and Tandem.Backed by Microsoft and Tandem. n Heterogeneous Transaction."— Presentation transcript:

1 TIP: Transaction Internet Protocol n Proposed as an Internet Standard. Backed by Microsoft and Tandem.Backed by Microsoft and Tandem. n Heterogeneous Transaction Managers can implement TIP to communicate with each other.

2 ‘Conventional’ vs. Internet Transaction Processing Conventional: OSI TP, LU6.2 One-pipe: n the application may only use the comms services supported by the transaction protocol. Internet: ‘Open’: TIP? Two-pipe?: n inter-application communication via some other protocol.

3 TIP Design

4 TIP: Two-pipe model Site A ApplicationProgram TIP API TIP txn manager Site B ApplicationProgram TIP API TIP txn manager Pipe 1 Pipe 2 TIP commit protocol

5 A Browsing Transaction User’s Web Browser Server A Server B Server C (1) Initiate txn (2) txn URL (3) PUSH txn (4) txn URL (5) PULL txn

6 A C PUSH ‘txn1a’ PUSH ‘txn1c’ D PUSH ‘txn1b’ B PUSH ‘txn1a’ Multiple inclusions of a site

7 TIP vulnerability n communication is pairwise point-to- point. n Vulnerable to single link failures

8 TIP Security n Requires Secure-HTTP/SSL/TLS with encryption andencryption and end-to-end authentication.end-to-end authentication. n Operator intervention is needed when the commit protocol fouls up. How will this work on the Internet?How will this work on the Internet?

9 Internet Transaction Security n Big value transactions will not be conducted in this way. n Thus any scams will take the form of having a small effect on a large number of tranactions. (Salami scams.)

10 SSL/TLS does NOT solve all of the problems n TIP with TLS does not ensure non- repudiation. n Various Denial-of-Service attacks are possible. n A rogue participant could block progress by refusing to commit.

11 Denial-of-Service n PULL-based: A rogue company that knows the transaction ID sends a PULL to a site then close the connection.A rogue company that knows the transaction ID sends a PULL to a site then close the connection. n PUSH-based Flood a sites with PUSHes so that it cannot service legitimate requests.Flood a sites with PUSHes so that it cannot service legitimate requests.

12 Broken connection n If a site loses its connection to its superior, the rogue sites sends it a RECONNECT command and tells it the wrong result of the commit.

13 Repudiation n General point about how to repudiate: n The site that wants to repudiate a transaction can always cause itself to crash and then recover, meanwhile losing all information that was in vulnerable storage.

14 Repudiation n n Interaction of 2PC and authenticated protocol messages The semantics of the authenticated messages only apply if the txn is committed.

15 Repudiation n n If a message from A to B is part of a 2PC protocol, then B’s possession of the digital signature proves nothing. A can claim: Yes, that was sent, but the action was rolled back. B must prove that the action was committed. B must also prove that the message was part of that txn.

Download ppt "TIP: Transaction Internet Protocol n Proposed as an Internet Standard. Backed by Microsoft and Tandem.Backed by Microsoft and Tandem. n Heterogeneous Transaction."

Similar presentations

Encrypting Wireless Data with VPN Techniques

Encrypting Wireless Data with VPN Techniques
Working with the Internet

Working with the Internet
SECURE SITES. A SECURE CONNECTION TERMS Secure Sockets Layer (SSL) An older Internet protocol that allows for data transmission between server and client.

SECURE SITES. A SECURE CONNECTION TERMS Secure Sockets Layer (SSL) An older Internet protocol that allows for data transmission between server and client.
A Few Slides on TIP (Transaction Internet Protocol)

A Few Slides on TIP (Transaction Internet Protocol)
Cryptography and Network Security

Cryptography and Network Security
7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, I've Got You under My Skin“ by Cole Porter.

7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, "I've Got You under My Skin“ by Cole Porter.
CSE 461 Section. “Transport Layer Security” protocol Standard protocol for encrypting Internet traffic Previously known as SSL (Secure Sockets Layer),

CSE 461 Section. “Transport Layer Security” protocol Standard protocol for encrypting Internet traffic Previously known as SSL (Secure Sockets Layer),
HTTP Cookies. CPSC 441 - Application Layer 2 User-server state: cookies Many major Web sites use cookies Four components: 1) cookie header line of HTTP.

HTTP Cookies. CPSC Application Layer 2 User-server state: cookies Many major Web sites use cookies Four components: 1) cookie header line of HTTP.
More on SSL/TLS. Internet security: TLS TLS is one of the more prominent internet security protocols. TLS is one of the more prominent internet security.

More on SSL/TLS. Internet security: TLS TLS is one of the more prominent internet security protocols. TLS is one of the more prominent internet security.
(4.4) Internet Protocols Layered approach to Internet Software 1.

(4.4) Internet Protocols Layered approach to Internet Software 1.
Mar 19, 2002Mårten Trolin1 This lecture On the assignment Certificates and key management SSL/TLS –Introduction –Phases –Commands.

Mar 19, 2002Mårten Trolin1 This lecture On the assignment Certificates and key management SSL/TLS –Introduction –Phases –Commands.
Apr 2, 2002Mårten Trolin1 Previous lecture On the assignment Certificates and key management –Obtaining a certificate –Verifying a certificate –Certificate.

Apr 2, 2002Mårten Trolin1 Previous lecture On the assignment Certificates and key management –Obtaining a certificate –Verifying a certificate –Certificate.
Real-Time Authentication Using Digital Signature Schema Marissa Hollingsworth BOISECRYPT ‘09.

Real-Time Authentication Using Digital Signature Schema Marissa Hollingsworth BOISECRYPT ‘09.
Electronic Transaction Security (E-Commerce)

Electronic Transaction Security (E-Commerce)
Cryptography and Network Security Chapter 17

Cryptography and Network Security Chapter 17
Feb 25, 2003Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.

Feb 25, 2003Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.
Systems of Distributed Systems Module 2 -Distributed algorithms Teaching unit 3 – Advanced algorithms Ernesto Damiani University of Bozen Lesson 6 – Two.

Systems of Distributed Systems Module 2 -Distributed algorithms Teaching unit 3 – Advanced algorithms Ernesto Damiani University of Bozen Lesson 6 – Two.
Wireless Encryption By: Kara Dolansky Network Management Spring 2009.

Wireless Encryption By: Kara Dolansky Network Management Spring 2009.
Mar 5, 2002Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.

Mar 5, 2002Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.
The Architecture of Transaction Processing Systems

The Architecture of Transaction Processing Systems

Similar presentations

Ads by Google