Privacy-Preserving P2P Data Sharing with OneSwarm. Presented by Adnan Malik


1 Privacy-Preserving P2P Data Sharing with OneSwarm. Presented by Adnan Malik

2 Privacy: The protection of information from unauthorized disclosure. Centralization and privacy threat: websites, Facebook, Twitter.

3 Peer to Peer (P2P): Alternate solution for file sharing without sharing through a website. Privacy vs. performance. BitTorrent: good performance, users can be monitored. Tor: good privacy but poor performance.

4 OneSwarm: Both performance and privacy. Privacy: default policy on the public sharing by user; data shared using disposable, temporary addresses and routed indirectly. Performance: content lookup using multiple overlay paths; good performance even for rare objects. Flexible privacy: restricted sharing to trusted contacts. Used by thousands of people worldwide.

5 Data Sharing without OneSwarm. Downloads: trustworthy, e.g. downloading Linux security patch using BitTorrent. User trust: friends vs. anonymous peers. May divide into three models: Freenet: for anonymous publications; Tor: for anonymous downloads; ?: controlled sharing with friends.

6 Bob and Alice again

7 Data sharing. Public distribution: sharing recorded lecture course. With permissions: permission against a file; restricting users against a file. Without attribution: for sensitive data sharing; privacy-preserving keywords search; unknown source and destination.

8 Protocol Design. Topology: Users define the links by exchanging public keys; this identifies each user and creates direct encrypted P2P connections. OneSwarm uses social graph and community server for key distribution. Distributed hash table (DHT) serves as name resolution service; each client maintains encrypted entities advertising their IP address and port to authorized users. Peers: Trusted peers are used for sharing among friends and family. Untrusted: for sharing without attribution; for users with few trusted friends. Transport: To enhance privacy, instead of sharing data publicly, each OneSwarm client restricts direct communication to a small number of persistent contacts. Instead of centralized information of which peers have which object, OneSwarm locates different data sources using object lookup through overlay. Instead of sources sending data directly to receivers, reverse search path in the mesh is used. Congestion-aware and automatically routing protocol. Multiple paths to each data source for performance.

9 Protocol Design: Linking peers with trust relationships. Public and private keys: 1024-bit RSA key pair is generated upon installation; key serving as identity among friends. Manual key sharing between two users. Automatic key sharing: discovers and exchanges keys over local area network; existing social networks, e.g. Google Talk invitation to friends.

10 Protocol Design: Managing groups and untrusted peers. Groups of colleagues: private community server; registered users. Public: public community servers. Community server registration: helps to avoid Sybil identities; each user must have a node identity; location of other node not visible.

11 Protocol Design: Identity and connectivity. Distributed hash table (DHT): IP and port. Entries for a client are signed by client and encrypted with the public key. Each entry is indexed by 20-byte randomly generated shared secret. IPs and port are hashed. DHT location is hidden.

12 Protocol Design: Naming and locating data. Secure Sockets (SSLv3) used for connection. File list messages: exchanged on first connection; compressed XML attributes; contains name, size and other metadata for particular peer; empty list by the node (if it has nothing to share). Naming: shared files are named using 160-bit SHA-1 hash of their name and content. For public data: user obtains hashes from , websites and keywords search. For private data: user must obtain both hash and key used for decryption of data. Congestion-aware search: uses keyword search messages to include randomly generated IDs; search forwarded by nodes if they do not have the file at system; shortest path; high load and path alternate. Path setup: search reply message; list of content hashes, file, metadata and path identifier; more than one path is differentiated by path IDs.

13 Protocol Design. Swarming data transfer: keep-alive messages to refresh path; expires after 30 seconds of inactivity; path becomes congested? Incentives: transfer statistics (uploaded, downloaded, maximum transfer rates, control traffic and volume, uptime); tit-for-tat policy.

14 Security Analysis. Threat model: attacker can join with limited number of nodes; can check the traffic flow to/from; no guarantee; sniffing, modify or injected data; injector can seize the hardware, e.g. law enforcement. Attacks and defenses: limiting hacker to snoop in from arbitrary location by not assigning peer dynamically; user-defined trusted and untrusted links to keep the information private; end-to-end path between users changes rapidly, which helps to prevent hacking using historical data.

15 Timing Attacks. Measuring the round trip time of search/response may be used by a hacker to detect the data source. Hacker may come up with many virtual nodes and try to participate in the system to find the directly connected nodes. Solution: OneSwarm artificially inflates delays for queries received from untrusted peers. As a result, hacker ends up two to three hops away from source/receiver.
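
An added example, not taken from the slides or from OneSwarm's code: a small Python model of the delay defense on slide 15, seen from the responding node. The per-link RTT, the delay range and the keyed-hash derivation of the delay are assumptions chosen for illustration.

```python
import hashlib
import hmac

LINK_RTT_MS = 50.0               # constructed: round-trip time of one overlay link
DELAY_RANGE_MS = (50.0, 100.0)   # assumed range of the artificial delay


def artificial_delay_ms(node_secret, peer_id, content_hash):
    """Delay a node adds before answering a query from an untrusted peer.

    Derived from a keyed hash (an assumption of this example) so the same
    (peer, content) pair always sees the same delay: repeating the query
    cannot average the padding away.
    """
    mac = hmac.new(node_secret, peer_id.encode() + b"|" + content_hash,
                   hashlib.sha256).digest()
    fraction = int.from_bytes(mac[:4], "big") / 2**32   # value in [0, 1)
    low, high = DELAY_RANGE_MS
    return low + fraction * (high - low)


def observed_rtt_ms(hops, node_secret, peer_id, content_hash,
                    trusted=False, defend=True):
    """RTT the querying peer measures when the data source is `hops`
    overlay links away (hops == 1: the queried neighbour is the source)."""
    rtt = hops * LINK_RTT_MS
    if defend and not trusted:
        # Added whether the node holds the file or only forwards the query,
        # so the presence of padding does not itself mark the source.
        rtt += artificial_delay_ms(node_secret, peer_id, content_hash)
    return rtt


def estimated_hops(rtt_ms):
    """Observer's naive distance estimate: RTT divided by per-link RTT."""
    return max(1, round(rtt_ms / LINK_RTT_MS))


def probe(peer_ids, content_hash, node_secret, defend):
    """Hop estimates obtained by several untrusted identities that are all
    directly connected to the real source."""
    return [
        estimated_hops(
            observed_rtt_ms(1, node_secret, peer, content_hash, defend=defend)
        )
        for peer in peer_ids
    ]


if __name__ == "__main__":
    secret = b"constructed-node-secret"                  # constructed value
    content = hashlib.sha1(b"constructed name and content").digest()
    peers = [f"untrusted-{i}" for i in range(8)]         # constructed identities
    print("no defense :", probe(peers, content, secret, defend=False))
    print("with delay :", probe(peers, content, secret, defend=True))
```

Without the padding every directly connected identity estimates one hop; with it, each estimate falls at two or three hops and stays the same on every repeat of the query.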

16 PlanetLab RTT (Round Trip Time) Experiments: length of the path (large and small); congested nodes.

17 Collusion attack

18 Evaluation: Measure performance and structure and utilization in the real world. Voluntarily user-reported data: 100,000 distinct users reported over 10 month period; reported total number of peers, method used for key exchange, aggregate data transfer volumes. Client running on hundreds of PlanetLab machines: measuring the background traffic generated; data forwarding and control traffic.

19 Evaluation: Overlay Structure. Social relationships. Random matching of public community servers. Users importing large number of keys from websites maintaining active users' lists.

20 Evaluation: Multi-Path transfer

21 Existing Systems

22 Overheads

23 Trace Replay in last.fm Social Graph

24 Related work (Privacy). Crowds: provides anonymous web browsing by randomly tunneling requests via other system participants. Herbivore: anonymous file sharing by providing scalable implementation of DC-nets. Tor: uses onion routing techniques to anonymize requests via set of relay nodes. Tarzan: without using public key infrastructure, address rewriting techniques via P2P context. OneSwarm differs: data sharing model; peer trust relationships; large scale deployment and user population.

25 Related work (Trust). SybilGuard: uses properties of social networks to hide identities in social systems. Friendstore: P2P backup system; data stored on other trusted friends' nodes. Similarly Turtle, UIA and Ostra. OneSwarm: with variety of additional untrusted links; allowing mixtures of peer sources for further privacy enhancement.

26 Conclusion: Reduce cost of privacy to user. Uses techniques: efficient, robust and privacy-preserving lookup and data transfer. User flexibility control over their privacy: sharing permissions; trust at individual data objects and peers. Publicly available: Windows, Mac OS X and Linux. Delivers privacy-preserving download.

27 Questions?

28 Discussions: Have you used OneSwarm? Permissions with file sharing (Bob and Alice example). How can it be improved? In the distributed hash table, IPs and ports are hashed; is it safe enough?


More information

Definition. A Historical Example

Definition. A Historical Example Overlay Networks This lecture contains slides created by Ion Stoica (UC Berkeley). Slides used with permission from author. All rights remain with author. Definition Network defines addressing, routing,

More information

Adapting Distributed Hash Tables for Mobile Ad Hoc Networks

Adapting Distributed Hash Tables for Mobile Ad Hoc Networks University of Tübingen Chair for Computer Networks and Internet Adapting Distributed Hash Tables for Mobile Ad Hoc Networks Tobias Heer, Stefan Götz, Simon Rieche, Klaus Wehrle Protocol Engineering and

More information

BM 465E Distributed Systems

BM 465E Distributed Systems BM 465E Distributed Systems Lecture 4 Networking (cont.) Mehmet Demirci Today Overlay networks Data centers Content delivery networks Overlay Network A virtual network built on top of another network Overlay

More information

1. The Web: HTTP; file transfer: FTP; remote login: Telnet; Network News: NNTP; e-mail: SMTP.

1. The Web: HTTP; file transfer: FTP; remote login: Telnet; Network News: NNTP; e-mail: SMTP. Chapter 2 Review Questions 1. The Web: HTTP; file transfer: FTP; remote login: Telnet; Network News: NNTP; e-mail: SMTP. 2. Network architecture refers to the organization of the communication process

More information

Basheer Al-Duwairi Jordan University of Science & Technology

Basheer Al-Duwairi Jordan University of Science & Technology Basheer Al-Duwairi Jordan University of Science & Technology Outline Examples of using network measurements /monitoring Example 1: fast flux detection Example 2: DDoS mitigation as a service Future trends

More information

An Integrated Approach to Manage IT Network Traffic - An Overview Click to edit Master /tle style

An Integrated Approach to Manage IT Network Traffic - An Overview Click to edit Master /tle style An Integrated Approach to Manage IT Network Traffic - An Overview Click to edit Master /tle style Agenda A quick look at ManageEngine Tradi/onal Traffic Analysis Techniques & Tools Changing face of Network

More information

Data Management in the Cloud: Limitations and Opportunities. Annies Ductan

Data Management in the Cloud: Limitations and Opportunities. Annies Ductan Data Management in the Cloud: Limitations and Opportunities Annies Ductan Discussion Outline: Introduc)on Overview Vision of Cloud Compu8ng Managing Data in The Cloud Cloud Characteris8cs Data Management

More information

VirtIX. Virtual Internet Exchange. IPredator et al. virtix.st

VirtIX. Virtual Internet Exchange. IPredator et al. virtix.st Virtual Internet Exchange virtix.st Introducing the Virtual Internet Exchange Managerial summary What is the? The idea of is to build an ISP-level VPN provider for Tier 3 and to allow peering at a Virtual

More information

Why Operators Need Optical Transport SDN

Why Operators Need Optical Transport SDN Why Operators Need Optical Transport SDN Not Just Another SDN Presentation. Nanog 63 Peter Landon, Director Product Architecture BTI Systems 2 Op.cal Transport SDN: Why is it important? OpenFlow controlled

More information

TrustNet CryptoFlow. Group Encryption WHITE PAPER. Executive Summary. Table of Contents

TrustNet CryptoFlow. Group Encryption WHITE PAPER. Executive Summary. Table of Contents WHITE PAPER TrustNet CryptoFlow Group Encryption Table of Contents Executive Summary...1 The Challenges of Securing Any-to- Any Networks with a Point-to-Point Solution...2 A Smarter Approach to Network

More information

3.2: Transport Layer: SSL/TLS Secure Socket Layer (SSL) Transport Layer Security (TLS) Protocol

3.2: Transport Layer: SSL/TLS Secure Socket Layer (SSL) Transport Layer Security (TLS) Protocol Chapter 2: Security Techniques Background Chapter 3: Security on Network and Transport Layer Network Layer: IPSec Transport Layer: SSL/TLS Chapter 4: Security on the Application Layer Chapter 5: Security

More information

Enterprise Security Critical Standards Summary

Enterprise Security Critical Standards Summary Enterprise Security Critical Standards Summary The following is a summary of key points in the Orange County Government Board of County Commissioners (OCGBCC) security standards. It is necessary for vendors

More information

Introduc)on to Real- Time Applica)ons and Infrastructure development in the IETF

Introduc)on to Real- Time Applica)ons and Infrastructure development in the IETF Introduc)on to Real- Time Applica)ons and Infrastructure development in the IETF IETF 86 Orlando, FL, USA! Sunday, March 10, 2013!! Adam Roach (Presenter) ! Robert Sparks !

More information

Network Connect Performance Logs on MAC OS

Network Connect Performance Logs on MAC OS Network Connect Performance Logs on MAC OS How-to Juniper Networks, Inc. 1 Table of Contents Introduction Part 1: Client Prerequisites... 3 Step 1.1: Packet Sniffer... 3 Step 1.2: Output IPs, Routes, Ping,

More information

A tutorial on how you can host mul$ple SSL Cer$ficates on a single IP address without losing any backward compa6bility

A tutorial on how you can host mul$ple SSL Cer$ficates on a single IP address without losing any backward compa6bility A tutorial on how you can host mul$ple SSL Cer$ficates on a single IP address without losing any backward compa6bility Paul van Brouwershaven Business Development Director EMEA, GlobalSign @vanbroup on

More information

A Catechistic Method for Traffic Pattern Discovery in MANET

A Catechistic Method for Traffic Pattern Discovery in MANET A Catechistic Method for Traffic Pattern Discovery in MANET R. Saranya 1, R. Santhosh 2 1 PG Scholar, Computer Science and Engineering, Karpagam University, Coimbatore. 2 Assistant Professor, Computer

More information

The BitTorrent Protocol

The BitTorrent Protocol The BitTorrent Protocol Taken from http://www.cs.uiowa.edu/~ghosh/bittorrent.ppt What is BitTorrent? Efficient content distribution system using file swarming. Usually does not perform all the functions

More information

Using etoken for SSL Web Authentication. SSL V3.0 Overview

Using etoken for SSL Web Authentication. SSL V3.0 Overview Using etoken for SSL Web Authentication Lesson 12 April 2004 etoken Certification Course SSL V3.0 Overview Secure Sockets Layer protocol, version 3.0 Provides communication privacy over the internet. Prevents

More information

Data Center Infrastructure of the future. Alexei Agueev, Systems Engineer

Data Center Infrastructure of the future. Alexei Agueev, Systems Engineer Data Center Infrastructure of the future Alexei Agueev, Systems Engineer Traditional DC Architecture Limitations Legacy 3 Tier DC Model Layer 2 Layer 2 Domain Layer 2 Layer 2 Domain Oversubscription Ports

More information