reliable client server connections
play

Reliable client-server connections Making Telnet secure Thijs - PowerPoint PPT Presentation

Sep 11, 2023 •1.15k likes •1.39k views

Reliable client-server connections Making Telnet secure Thijs Rozekrans Ren e Klomp thijs.rozekrans@os3.nl rene.klomp@os3.nl System and Network Engineering University of Amsterdam July 3, 2013 Thijs Rozekrans, Ren e Klomp (UvA)

  1. Reliable client-server connections Making Telnet secure Thijs Rozekrans Ren´ e Klomp thijs.rozekrans@os3.nl rene.klomp@os3.nl System and Network Engineering University of Amsterdam July 3, 2013 Thijs Rozekrans, Ren´ e Klomp (UvA) Reliable client-server connections July 3, 2013 1 / 16

  2. Introduction • Authentication of both clients and servers • Decentralised • Based on TLS • Proof of concept Thijs Rozekrans, Ren´ e Klomp (UvA) Reliable client-server connections July 3, 2013 2 / 16

  3. Introduction How can current techniques be used to validate the identity of both client and server, using a TLS connection, in a decentralised way? Thijs Rozekrans, Ren´ e Klomp (UvA) Reliable client-server connections July 3, 2013 3 / 16

  4. Motivation • Increase usage of certificate by clients and servers • Eliminate the need for certificate authorities • Diginotar debacle • Foreign governments • Centralized • Techniques are available • Currently no implementations exist Thijs Rozekrans, Ren´ e Klomp (UvA) Reliable client-server connections July 3, 2013 4 / 16

  5. Design considerations • PGP or X.509 (CA’s) • Validating certificates • Daemon or Library • Programming language Thijs Rozekrans, Ren´ e Klomp (UvA) Reliable client-server connections July 3, 2013 5 / 16

  6. PGP or X.509 • X.509 • Widely adapted • Validation of certificate is done by CA • PGP • Certificates are managed by users • Decentralized design (web-of-trust) Thijs Rozekrans, Ren´ e Klomp (UvA) Reliable client-server connections July 3, 2013 6 / 16

  7. Validating certificates Thijs Rozekrans, Ren´ e Klomp (UvA) Reliable client-server connections July 3, 2013 7 / 16

  8. Daemon or Library • Library • Existing GnuTLS library • Daemon • Forwarding mechanism • Caching • Access to private keys • Multiple programming languages Thijs Rozekrans, Ren´ e Klomp (UvA) Reliable client-server connections July 3, 2013 8 / 16

  9. Programming Language • Performance • Future extension Thijs Rozekrans, Ren´ e Klomp (UvA) Reliable client-server connections July 3, 2013 9 / 16

  10. Implementation • Daemon • Python • PyGnuTLS Library • Pass file descriptor of existing connection Thijs Rozekrans, Ren´ e Klomp (UvA) Reliable client-server connections July 3, 2013 10 / 16

  11. Implementation TCP Handshake Client Server Library Library Encrypted Daemon Daemon Thijs Rozekrans, Ren´ e Klomp (UvA) Reliable client-server connections July 3, 2013 11 / 16

  12. Implementation • Based on certificate UID • LDAP • DANE • Flags to disable certain checks • DNSSEC • Reponds with: • OK + id • ERR + code + message Thijs Rozekrans, Ren´ e Klomp (UvA) Reliable client-server connections July 3, 2013 12 / 16

  13. Implementation • Forwarding mechanism • Telnet application as an example • Possible with every other application TCP Handshake Telnet TCP-Forwarder TCP-Forwarder Telnetd Library Library Encrypted Daemon Daemon Thijs Rozekrans, Ren´ e Klomp (UvA) Reliable client-server connections July 3, 2013 13 / 16

  14. Conclusion How can current techniques be used to validate the identity of both client and server using a TLS connection in a decentralised way? • By creating a daemon it is possible! • Easily implemented using single call to library • It does work with an existing application (Telnet) • https://github.com/OS3/rp2_68 Thijs Rozekrans, Ren´ e Klomp (UvA) Reliable client-server connections July 3, 2013 14 / 16

  15. Future work • (D)TLS for UDP and SCTP • (Soft)HSM • Caching • Certificate Pinning • Libraries in other languages Thijs Rozekrans, Ren´ e Klomp (UvA) Reliable client-server connections July 3, 2013 15 / 16

  16. Questions Are there any questions? made possible by Thijs Rozekrans, Ren´ e Klomp (UvA) Reliable client-server connections July 3, 2013 16 / 16

Recommend

Evolution of the Web 1 Client Server 2 2 / 22 1 Client Server 2 2 / 22 1 Client Server

Evolution of the Web 1 Client Server 2 2 / 22 1 Client Server 2 2 / 22 1 Client Server

E LIOM Tierless Web programming from the ground up Gabriel R ADANNE Jrme V OUILLON Vincent B ALAT Vasilis P APAVASILEIOU Evolution of the Web 1 Client Server 2 2 / 22 1 Client Server 2 2 / 22 1 Client Server DOM 2 2 / 22 1

778 views • 42 slides
Multi-Threaded Servers December 6, 2007 1 Client-Server Communication Client Client Client

Multi-Threaded Servers December 6, 2007 1 Client-Server Communication Client Client Client

Multi-Threaded Servers December 6, 2007 1 Client-Server Communication Client Client Client Client Client Client Client Client Client Google Client Client Client Client Client Client Many clients; 1 server Server starts and then

333 views • 6 slides
Services Do A for me. Sockets and Client/Server OK, heres your answer.

Services Do A for me. Sockets and Client/Server OK, heres your answer.

Services Do A for me. Sockets and Client/Server OK, heres your answer. Communication Now do B. OK, here. Client Server Jeff Chase request/response paradigm ==> client/server roles Duke University - Remote

323 views • 8 slides
sockets cont / RPC 1 last time client/server versus peer-to-peer model names, addresses

sockets cont / RPC 1 last time client/server versus peer-to-peer model names, addresses

sockets cont / RPC 1 last time client/server versus peer-to-peer model names, addresses (IPv4/IPv6), routing socket abstraction two-way pipes to remote machine server sockets bind() (set address) + listen() (wait for connections)

1.45k views • 132 slides
Sockets and Client/Server Communication Jeff Chase Duke University Services Do A for me.

Sockets and Client/Server Communication Jeff Chase Duke University Services Do A for me.

Sockets and Client/Server Communication Jeff Chase Duke University Services Do A for me. OK, heres your answer. Now do B. OK, here. Server Client request/response paradigm ==> client/server roles - Remote

628 views • 46 slides
Interfaces as Contracts A client and a server are bound by a contract The server promises

Interfaces as Contracts A client and a server are bound by a contract The server promises

Interfaces as Contracts A client and a server are bound by a contract The server promises to do its job Defined by the postconditions As long as the client uses the server correctly Defined by the pre-conditions Bertrand Meyer

336 views • 8 slides
Socket Programming Socket Programming Srinidhi Varadarajan Client- -server paradigm server

Socket Programming Socket Programming Srinidhi Varadarajan Client- -server paradigm server

Socket Programming Socket Programming Srinidhi Varadarajan Client- -server paradigm server paradigm Client Client: applicat ion initiates contact with server t r anspor t net wor k (speaks first) dat a link physical

395 views • 20 slides
multi-platform, multi-os client/server Client/Server Communication Suppose we send data

multi-platform, multi-os client/server Client/Server Communication Suppose we send data

multi-platform, multi-os client/server Client/Server Communication Suppose we send data between clients and servers The Java stream hierarchy is a rich source of options Object streams, Data streams, Buffered Readers, Often

266 views • 3 slides
Binding: Connecting From Procedure to Client and Server Remote Procedure Server exports its

Binding: Connecting From Procedure to Client and Server Remote Procedure Server exports its

Binding: Connecting From Procedure to Client and Server Remote Procedure Server exports its interface Three main concerns Identifies itself to network name server Parameter passing Tells local runtime its dispatcher address Failure cases Import

115 views • 7 slides
CS 10: Problem solving via Object Oriented Programming Client/Server Agenda 1. Sockets 2.

CS 10: Problem solving via Object Oriented Programming Client/Server Agenda 1. Sockets 2.

CS 10: Problem solving via Object Oriented Programming Client/Server Agenda 1. Sockets 2. Server 3. Multithreaded server 4. Chat server 2 Sockets are a way for computers to communicate Client 1 makes connection over socket IP:

503 views • 35 slides
Server algorithms and their design many ways that a client/server can be designed each different

Server algorithms and their design many ways that a client/server can be designed each different

slide 1 gaius Server algorithms and their design many ways that a client/server can be designed each different algorithm has various benefits and problems are able to classify these algorithms by looking at the various server differences the

400 views • 25 slides
Server types concurrent, connectionless very uncommon a process is created for each

Server types concurrent, connectionless very uncommon a process is created for each

TCP week 8 5/12/02 1 Clients & Servers Client: in general, an application that initiates a peer-to-peer communication end users usually invoke client software Server: waits for incoming communication requests from a client

552 views • 7 slides
Server and Threads vanilladb.org Where are we? VanillaCore JDBC Interface (at Client Side)

Server and Threads vanilladb.org Where are we? VanillaCore JDBC Interface (at Client Side)

Server and Threads vanilladb.org Where are we? VanillaCore JDBC Interface (at Client Side) Remote.JDBC (Client/Server) Server Query Interface Tx Planner Parse Algebra Storage Interface Sql/Util Concurrency Recovery Metadata Index

787 views • 66 slides
Slow Orbit Feedback - Schematics oco Console Client Event @ 0.5Hz CDEV BPM CORBA Server

Slow Orbit Feedback - Schematics oco Console Client Event @ 0.5Hz CDEV BPM CORBA Server

Top-up Operation at the Swiss Light Source Slow Orbit Feedback - Schematics oco Console Client Event @ 0.5Hz CDEV BPM CORBA Server Event Server Server Event @ 2Hz TRACY Feedback Server Client Poll FB Log Model Server Event

208 views • 8 slides
Content Server Caching Network Client Web Server Browser Avoid Network Latency Avoid Queuing

Content Server Caching Network Client Web Server Browser Avoid Network Latency Avoid Queuing

Content Server Caching Network Client Web Server Browser Avoid Network Latency Avoid Queuing Delays at Server Cache Content Locally at client Updates? Cache Content at proxies Proxy Server Client Proxy Server Content Server Proxy

781 views • 14 slides
Distributed Processing Distributed Processing, Client/Server, and Clusters , Chapter 13

Distributed Processing Distributed Processing, Client/Server, and Clusters , Chapter 13

Distributed Processing Distributed Processing, Client/Server, and Clusters , Chapter 13 Chapter 13 1 Client/Server Computing Client/Server Computing Client machines are generally single-user PCs Cli t hi ll i l PC or

824 views • 55 slides
Securing the Social Web by Moving Beyond Client-Server Security Tyler Close Google, engineer

Securing the Social Web by Moving Beyond Client-Server Security Tyler Close Google, engineer

QCon SF 2010 file:///home/recht/projekt/qcon/wed/Securing the w... Securing the Social Web by Moving Beyond Client-Server Security Tyler Close Google, engineer Client-Server Model Isolated clients connect to a single server. One

448 views • 6 slides
Applications & Client/Server computing link Example client/server systems and

Applications & Client/Server computing link Example client/server systems and

COMP 431 Application-Layer Protocols Internet Services & Protocols Outline application application transport The architecture of distributed systems network Applications & Client/Server computing link Example

204 views • 17 slides
CS 3700 Networks and Distributed Systems The Web Client-Server Computing 2 99% of all

CS 3700 Networks and Distributed Systems The Web Client-Server Computing 2 99% of all

CS 3700 Networks and Distributed Systems The Web Client-Server Computing 2 99% of all distributed systems use client-server architectures! Today: look at the most popular client-server The Web The Web The Web has become a

1.57k views • 113 slides
CSc 337 LECTURE 25: COOKIES Stateful client/server interaction Sites like amazon.com seem to

CSc 337 LECTURE 25: COOKIES Stateful client/server interaction Sites like amazon.com seem to

CSc 337 LECTURE 25: COOKIES Stateful client/server interaction Sites like amazon.com seem to "know who I am." How do they do this? How does a client uniquely identify itself to a server, and how does the server provide specific

686 views • 15 slides
CSc 337 LECTURE 27: COOKIES Stateful client/server interaction Sites like amazon.com seem to

CSc 337 LECTURE 27: COOKIES Stateful client/server interaction Sites like amazon.com seem to

CSc 337 LECTURE 27: COOKIES Stateful client/server interaction Sites like amazon.com seem to "know who I am." How do they do this? How does a client uniquely identify itself to a server, and how does the server provide specific

639 views • 15 slides
Networking CS217 Fall2001 1 Client/Server

Networking CS217 Fall2001 1 Client/Server

Networking CS217 Fall2001 1 Client/Server Server:processthatprovidesaservice e.g.,fileserver,webserver,mailserver calledapassiveparticipant:waitstobecontacted

643 views • 4 slides
File System Client and Server Server response (e.g., file block) request (e.g., read) Client

File System Client and Server Server response (e.g., file block) request (e.g., read) Client

COMP 790-088 -- Distributed File Systems With Case Studies: Andrew and Google COMP 790-088 -- Fall 2009 1 1 File System Client and Server Server response (e.g., file block) request (e.g., read) Client COMP 790-088 -- Fall 2009 2 2

284 views • 9 slides
Client / Server 2110213 Information System Organization Natawut Nupairoj, Ph.D. Department of

Client / Server 2110213 Information System Organization Natawut Nupairoj, Ph.D. Department of

Client / Server 2110213 Information System Organization Natawut Nupairoj, Ph.D. Department of Computer Engineering Chulalongkorn University IS Components Natawut Nupairoj, Ph.D. 1 What is Client/Server? If the clients The client

339 views • 14 slides

More recommend