Computer Science Computer Science Department Boston University 14 August, 2002 7th International Workshop on Web Content Caching and Distribution (WCW.

Slides:

Advertisements

Similar presentations

Web 2.0 Programming 1 © Tongji University, Computer Science and Technology. Web Web Programming Technology 2012.

Advertisements

1 Verification by Model Checking. 2 Part 1 : Motivation.

Global Value Numbering using Random Interpretation Sumit Gulwani George C. Necula CS Department University of California, Berkeley.

Network Aware Forward Caching Presenter: Alexandre Gerber Jeffrey Erman, Mohammad T. Hajiaghayi, Dan Pei, Oliver Spatscheck AT&T Labs Research April 24.

Slide 1 Insert your own content. Slide 2 Insert your own content.

1 Resonance: Dynamic Access Control in Enterprise Networks Ankur Nayak, Alex Reimers, Nick Feamster, Russ Clark School of Computer Science Georgia Institute.

1 Formal Modeling & Verification of Messaging Framework of Simple Object Access Protocol (SOAP) Manzur Ashraf Faculty,BRAC University.

1 CompChall: Addressing Password Guessing Attacks IAS, ITCC-2005, April 2005 CompChall: Addressing Password Guessing Attacks By Vipul Goyal OSP Global.

1DAML PI meeting, October DAML and Agents DAML and Agents Breakout Session DAML PI Meeting 17 October 2002 Tim Finin.

Delivery Methods forIPP Event Notifications 1 Internet Printing Protocol (IPP) Delivery Methods for IPP Event Notifications.

Peer-to-peer and agent-based computing Peer-to-Peer Computing: Introduction.

© 2003 School of Computing, University of Leeds SY32 Secure Computing, Lecture 16 Secure Coding in Java and.NET Part 1: Fundamentals.

The SPIN System. What is SPIN? Model-checker. Based on automata theory. Allows LTL or automata specification Efficient (on-the-fly model checking, partial.

The SPIN System. What is SPIN? Model-checker. Based on automata theory. Allows LTL or automata specification Efficient (on-the-fly model checking, partial.

Tintu David Joy. Agenda Motivation Better Verification Through Symmetry-basic idea Structural Symmetry and Multiprocessor Systems Mur ϕ verification system.

Managing Web server performance with AutoTune agents by Y. Diao, J. L. Hellerstein, S. Parekh, J. P. Bigu Jangwon Han Seongwon Park

Research Issues in Web Services CS 4244 Lecture Zaki Malik Department of Computer Science Virginia Tech

Duagi Bulent UNIVERSITY POLITEHNICA of BUCHAREST DEPARTMENT OF COMPUTER SCIENCE UNIVERSITY POLITEHNICA of BUCHAREST DEPARTMENT OF COMPUTER SCIENCE.

Proxy Server Systems for Wireless Mobile Web Service

E W H A W U New Nominative Proxy Signature Scheme for Mobile Communication April Seo, Seung-Hyun Dept. of Computer Science and.

A Comparison of HTTP and HTTPS Performance Arthur Goldberg, Robert Buff, Andrew Schmitt [artg, buff, Computer Science Department Courant.

CREATING A PAYMENT REQUEST FOR VENDOR IN SYSTEM

1 Heriot -Watt University MACS, Edinburgh Towards a Logical Framework For Knowledge Management in Digital Economy Lilia Georgieva and.

Session Initiation Protocol (SIP) Aarti Gupta. Agenda Why do we need SIP ? The protocol Instant Messaging using SIP Internet Telephony with SIP Additional.

44212: Web-site Development

Test B, 100 Subtraction Facts

Lecture 12: Web Services MicrosoftIntroducing CS using.NETJ# in Visual Studio.NET Objectives “Web Services are objects callable across a network.

16/02/06Internet based monitoring and control of embedded systems 1 EES.5413 February 16, 2005 Remi Bosman System Architecture & Networking Department.

1 GPS, A Program That Simulates Human Thought 신 동 호신 동 호 Allen Newell & H.A. Simon.

Timed Automata.

Computer Science Generating Streaming Access Workload for Performance Evaluation Shudong Jin 3nd Year Ph.D. Student (Advisor: Azer Bestavros)

Automatic Verification of Component-Based Real-Time CORBA Applications Gabor Madl Sherif Abdelwahed

Towards a Logic for Wide-Area Internet Routing Nick Feamster and Hari Balakrishnan M.I.T. Computer Science and Artificial Intelligence Laboratory Kunal.

Transparent Robustness in Service Aggregates Onyeka Ezenwoye School of Computing and Information Sciences Florida International University May 2006.

Internet Networking Spring 2006 Tutorial 12 Web Caching Protocols ICP, CARP.

CS 290C: Formal Models for Web Software Lecture 10: Language Based Modeling and Analysis of Navigation Errors Instructor: Tevfik Bultan.

Model Checking. Used in studying behaviors of reactive systems Typically involves three steps: Create a finite state model (FSM) of the system design.

1 Spring Semester 2007, Dept. of Computer Science, Technion Internet Networking recitation #13 Web Caching Protocols ICP, CARP.

A Distributed Proxy Server for Wireless Mobile Web Service Kisup Kim, Hyukjoon Lee, and Kwangsue Chung Information Network 2001, 15 th Conference.

Internet Networking Spring 2002 Tutorial 13 Web Caching Protocols ICP, CARP.

Verifying Distributed Real-time Properties of Embedded Systems via Graph Transformations and Model Checking Gabor Madl

Implementing ISA Server Caching. Caching Overview ISA Server supports caching as a way to improve the speed of retrieving information from the Internet.

HTTP HyperText Transfer Protocol Part 3.

Game-based Analysis of Denial-of- Service Prevention Protocols Ajay Mahimkar Class Project: CS 395T.

Cheng/Dillon-Software Engineering: Formal Methods Model Checking.

Towards a Logic for Wide- Area Internet Routing Nick Feamster Hari Balakrishnan.

Web Services Glossary Summary of Holger Lausen

Dynamic Content On Edge Cache Server (using Microsoft.NET) Name: Aparna Yeddula CS – 522 Semester Project Project URL: cs.uccs.edu/~ayeddula/project.html.

Quick Implementation of a WAP Push Gateway Wen-Hung Su Fu Jen Catholic University Computer Science and Information Engineering Department Moblie Communication.

POSTER TEMPLATE BY: Whitewater HTTP Vulnerabilities Nick Berry, Joe Joyce, & Kevin Vaccaro. Syntax & Routing Attempt to capture.

1 The CeNTIE project is supported by the Australian Government through the Advanced Networks Program of the Department of Communications, Information Technology.

A Theory of Interactive Computation Jan van Leeuwen, Jiri Widermann Presented by Choi, Chang-Beom KAIST.

Advanced Computer Networks Topic 2: Characterization of Distributed Systems.

Web Client-Server Server Client Hypertext link TCP port 80.

An Ontological Framework for Web Service Processes By Claus Pahl and Ronan Barrett.

Negotiation Protocol for Agile Collaboration in e-Science Zeqian Meng, John M. Brooke School of Computer Science, University of Manchester October 29th,

1 Qualitative Reasoning of Distributed Object Design Nima Kaveh & Wolfgang Emmerich Software Systems Engineering Dept. Computer Science University College.

Performance of Web Proxy Caching in Heterogeneous Bandwidth Environments IEEE Infocom, 1999 Anja Feldmann et.al. AT&T Research Lab 발표자 : 임 민 열, DB lab,

Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®

HACNet Simulation-based Validation of Security Protocols Vinay Venkataraghavan Advisors: S.Nair, P.-M. Seidel HACNet Lab Computer Science and Engineering.

Modelling Reactive Systems 4 Professor Muffy Calder Dept. of Computing Science University of Glasgow

Software Systems Verification and Validation Laboratory Assignment 4 Model checking Assignment date: Lab 4 Delivery date: Lab 4, 5.

DHCP Vrushali sonar. Outline DHCP DHCPv6 Comparison Security issues Summary.

Distributed Computing & Embedded Systems Chapter 4: Remote Method Invocation Dr. Umair Ali Khan.

The Internet Salihu Ibrahim Dasuki (PhD) CSC102 INTRODUCTION TO COMPUTER SCIENCE.

CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.

Lecture # 1 By: Aftab Alam Department Of Computer Science University Of Peshawar Internet Programming.

COMP2322 Lab 2 HTTP Steven Lee Feb. 8, 2017.

Internet Networking recitation #12

Presentation transcript:

Computer Science Computer Science Department Boston University 14 August, th International Workshop on Web Content Caching and Distribution (WCW 2002) Safe Composition of Web Communication Protocols Adam D. Bradley Azer Bestavros Assaf J. Kfoury

Computer Science 14 August, th International Workshop on Web Content Caching and Distribution (WCW 2002)2 Introduction  Preliminaries HTTP Versions The Expect/Continue Feature: Is it “Safe”?  Model-based Analysis Building Models from RFCs Verification Results General Claims  Conclusions and Future Directions

Computer Science 14 August, th International Workshop on Web Content Caching and Distribution (WCW 2002)3 HTTP Versioning Problem  HTTP - informal docs, internet-drafts  HTTP/1.0 RFC1945  HTTP/1.1 RFC2068 (1/97), superceded by RFC2616 (6/99) “HTTP/1.1” does not uniquely identify semantics

Computer Science 14 August, th International Workshop on Web Content Caching and Distribution (WCW 2002)4 Expect/Continue  Clients can send entities in requests POSTing a form, Image, PDF paper, Web Service invocation (SOAP etc.)  Don’t send entity if doing so accomplishes nothing Authentication failure, server overload, failed predicate  “ 100 Continue ” Interim Response Server signals interest in request entity Introduced in RFC2068  “ Expect: 100-continue ” Request Header Client signals it will wait for a 100 Continue message Introduced in RFC2616

Computer Science 14 August, th International Workshop on Web Content Caching and Distribution (WCW 2002)5 Expect/Continue: Problems!  This changes the event model for HTTP!  What’s a proxy to do? (Pre-RFC2616) Is “ 100 Continue ” hop-by-hop?  Defeats most obvious use: Bandwidth-starved client Is “ 100 Continue ” end-to-end?  Deadlock-prone [Mogul97] Is it either/both? (Choose either at whim?)  Confuses (deceives) downstream agents?

Computer Science 14 August, th International Workshop on Web Content Caching and Distribution (WCW 2002)6 The “Fix”  RFC2616 added Expect: 100-continue  Defined Expect/Continue as Hop-by-Hop  Rules for graceful interoperability with RFC2068 Problem solved… or IS it?

Computer Science 14 August, th International Workshop on Web Content Caching and Distribution (WCW 2002)7 Formal Modeling  SPIN Finite-State Model Checker  Strength: Find deadlocks, livelocks, LTL violations Gerard Holzmann - Bell Labs Freely Downloadable  Promela C-like code for non-deterministic state machines Useful constructs for communication modeling  The Challenge: Translate prosaic RFCs into Reactive State Machines

Computer Science 14 August, th International Workshop on Web Content Caching and Distribution (WCW 2002)8 Promela/SPIN Models  Clients client-1945, -2068,  Servers server-1945, -2068, -2616, may  Proxies proxy-1945 proxy-2068-e2e, hbh, hybrid proxy-2616, fixed  Code available via web:

Computer Science 14 August, th International Workshop on Web Content Caching and Distribution (WCW 2002)9 Client-Server Results  Write Deadlock: C1.1 - S1.1  Resembles a DoS attack Benevolent Peers!  Rare in practice Large S/R buffers  Otherwise, all cases verify

Computer Science 14 August, th International Workshop on Web Content Caching and Distribution (WCW 2002)10 Client-Proxies-Server Results  Experiment with proxy-2068-hybrid Use -e2e, -hbh to explore reasons for failures  All Deadlock-Prone Cases: RFC1945 Server or Proxy upstream of a 1.1 Proxy Included an RFC2068 Proxy downstream somewhere  2068-e2e behavior induces problems  2068-hybrid aggravates it (deception)  Interaction of RFC2068 and RFC2616 rules can fail Experiments 2.8, 4.3, 4.6, 4.12, 4.13

Computer Science 14 August, th International Workshop on Web Content Caching and Distribution (WCW 2002)11 Example proxy-2616-fixed handles this correctly

Computer Science 14 August, th International Workshop on Web Content Caching and Distribution (WCW 2002)12 Example Problem: Imperfect knowledge beyond first hop

Computer Science 14 August, th International Workshop on Web Content Caching and Distribution (WCW 2002)13 Generalizing: Reductions  Tested all CS, CPS, CPPS Longer chain = greater computational cost  Each CS: seconds  Each CPS: minutes  Each CPPS: hours  Each CPPPS: days  How do we argue about C(P*)S? Reduction Rules Failure Patterns

Computer Science 14 August, th International Workshop on Web Content Caching and Distribution (WCW 2002)14 Reduction Rules, Failure Patterns  e.g.: “A sequence of proxy-2616 agents behaves (causally) exactly as a single proxy-2616 would.”  Our 8 reductions can reduce any arbitrarily long C(P*)S to one of 53 finite-length models (see [3])  Gives rise to two failure patterns: p/c-2068  proxy-1.1  p/s-1945 c-1.1  (p-1.1  )* p-2068  p/s-1945

Computer Science 14 August, th International Workshop on Web Content Caching and Distribution (WCW 2002)15 Conclusions and Future Work  Modeling informs standards writers Do modeling/verification at design/draft time Force semantic disambiguation Formalize goal of “interoperability” as requiring verifiable reductions/reducibility  Automatically Identifying Reductions Ideas from I/O automata [Lynch 89, etc]  Backend tools for Flow Calculus Language-level safety of net protocols and programs

Computer Science 14 August, th International Workshop on Web Content Caching and Distribution (WCW 2002)16  Supported in part by: NSF awards ANI , ANI , CCR , ITR U.S. Dept of Education GAANN Fellowship Questions?