ietf middleware highlights
play

IETF middleware highlights Leif Johansson SWAMI.se IETF Internet - PowerPoint PPT Presentation

May 03, 2023 •217 likes •396 views

IETF middleware highlights Leif Johansson SWAMI.se IETF Internet Engineering Task Force Internet-Drafts turns into RFCs by magic: NEA Patches? We don't need no stinkin' patches! NEA Network Endpoint Assessment Network Admission

  1. IETF middleware highlights Leif Johansson SWAMI.se

  2. IETF ● Internet Engineering Task Force ● Internet-Drafts turns into RFCs by magic:

  3. NEA Patches? We don't need no stinkin' patches!

  4. NEA ● Network Endpoint Assessment – Network Admission Control (NAC) – Trusted Network Connect (TNC) – Network Access Protection (NAP) ● Send host patch status to a PDP who decides if you get bits... ● Abstract protocol (most likely) with (primarily) EAP-bindings

  5. NEA problems ● Lying clients ● Unclear problem statement ● What about IDSen or Anti-Virus software? ● Federated EAP – Home institution does NEA policy evaluation – SP should probably have a say on weather to allow the client to connect...

  6. NEA & EduRoam ● NEA clients will probably conflict with 3 rd party EAP-clients – Tough luck.. ● NEA may not understand federations – Probably fixable (if NEA is chartered)

  7. EMU Billions and billions of mechanisms...

  8. EMU ● EAP-TLS to standards-track – ... won't affect Vista though :-( ● Additional mechanisms – Strong shared-secret – Password-based

  9. SAML And SAML shall inherit the protocol stack...

  10. Worth notice... ● draft-housley-tls-authz-extns-07.txt ● krb-wg – anonymity – PADATA authz data (cf Active Directory) ● dix – self-asserted identity SAML profile? ● SIP SAML Profile – draft-ietf-sip-saml-00.txt

  11. WAE We got your phish right here...

  12. WAE (BOF) ● Web Authentication Enhancements – The ”Elliots-dad”-problem – Phishing-protection (ie service auth) – Even more SAML – DIX ● openid ● yars ● dixs – ”I own my blog”-authentication

  13. Channel Bindings Layering violations for fun and profit!

  14. Channel Bindings ● Layering violations for fun and profit ● Originated in NFSv4 & IP storage – Reuse of secure channels – Making ”lets just use IPSec” kosher ● BTNS (better than nothing security) – leap-of-faith – ssh-semantics

  15. Channel examples ● IPSec + GSSAPI ● TLS + Digest-MD5 ● HTTPS+Negotiate

  16. Q?

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Middleware Chapter 2: Contents - Chapter 2 Understanding middleware Middleware as a

Middleware Chapter 2: Contents - Chapter 2 Understanding middleware Middleware as a

Middleware Chapter 2: Contents - Chapter 2 Understanding middleware Middleware as a programming abstraction Middleware as infrastructure A quick overview of conventional middleware platforms RPC TP Monitors Object

273 views • 24 slides
Java Middleware Patrick Eugster, Till Bay, Tomas Hruz Java Middleware What is middleware

Java Middleware Patrick Eugster, Till Bay, Tomas Hruz Java Middleware What is middleware

Chair of Software Engineering Languages in Depth Series: Java Programming Prof. Dr. Bertrand Meyer Java Middleware Patrick Eugster, Till Bay, Tomas Hruz Java Middleware What is middleware Client-server communication and method invocation

675 views • 65 slides
EOS: E Exactly xactly- -O Once E nce E- -S Service Middleware ervice Middleware EOS:

EOS: E Exactly xactly- -O Once E nce E- -S Service Middleware ervice Middleware EOS:

EOS: E Exactly xactly- -O Once E nce E- -S Service Middleware ervice Middleware EOS: German Shegalov, Gerhard Weikum Roger Barga, David Lomet (University of Saarland, Germany) (Microsoft Research, U.S.A.) PRESS THE SUBMIT BUTTON ONCE

467 views • 25 slides
Middleware Petr Tma Middleware Petr Tma This is a work in progress material created to

Middleware Petr Tma Middleware Petr Tma This is a work in progress material created to

Middleware Petr Tma Middleware Petr Tma This is a work in progress material created to support the Charles University Middleware lecture. It is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International

965 views • 72 slides
EMU IETF 74 Note Well Any submission to the IETF intended by the Contributor for publication as

EMU IETF 74 Note Well Any submission to the IETF intended by the Contributor for publication as

EMU IETF 74 Note Well Any submission to the IETF intended by the Contributor for publication as all or part of an IETF Internet-Draft or RFC and any statement made within the context of an IETF activity is considered an "IETF

940 views • 7 slides
From Middleware Implementor to Middleware User (There and Back Again) Steve Vinoski Member of

From Middleware Implementor to Middleware User (There and Back Again) Steve Vinoski Member of

From Middleware Implementor to Middleware User (There and Back Again) Steve Vinoski Member of Technical Staff Verivue, Inc. Westford, MA USA Middleware 2009 4 December 2009 Friday, December 4, 2009 10 Years of Middleware! ...the 10th

771 views • 45 slides
Trust, Identity Management and GENI Dr. Ken Klingenstein, Senior Director, Middleware and

Trust, Identity Management and GENI Dr. Ken Klingenstein, Senior Director, Middleware and

Trust, Identity Management and GENI Dr. Ken Klingenstein, Senior Director, Middleware and Security, Internet2 Technologist, University of Colorado at Boulder Topics Internet identity update Technology updates ISOC, IETF Identity,

601 views • 23 slides
Root initiated routing state in RPL draft-ietf-roll-dao-projection Pascal Thubert IETF 105

Root initiated routing state in RPL draft-ietf-roll-dao-projection Pascal Thubert IETF 105

Root initiated routing state in RPL draft-ietf-roll-dao-projection Pascal Thubert IETF 105 Montreal 1 Changes Highlights New flag in the RPI to indicate projected route Needed for error processing Text on RFC 8138, Need for

417 views • 10 slides
Middleware Petr T uma Middleware by Petr T uma This material is a work in progress that

Middleware Petr T uma Middleware by Petr T uma This material is a work in progress that

Middleware Petr T uma Middleware by Petr T uma This material is a work in progress that is provided on a fair use condition to support the Charles University Middleware lecture. It should not be used for any other purpose than to support

1.05k views • 76 slides
Communication Middleware Software Layers 1.1 A distributed system organized as middleware. Note

Communication Middleware Software Layers 1.1 A distributed system organized as middleware. Note

Communication Middleware Software Layers 1.1 A distributed system organized as middleware. Note that the middleware layer extends over multiple machines. 2 Communication Alternatives Raw message passing TCP/IP: reliable byte stream

875 views • 26 slides
IETF Status at IETF 85 Russ Housley IETF Chair 1 IETF 85 Participants l 1098 people l 195

IETF Status at IETF 85 Russ Housley IETF Chair 1 IETF 85 Participants l 1098 people l 195

IETF Status at IETF 85 Russ Housley IETF Chair 1 IETF 85 Participants l 1098 people l 195 newcomers l IETF 82 was 948 people l 55 countries l IETF 82 was 48 countries IETF 82 was held in US JP CN FR UK Taipei, Taiwan DE

327 views • 8 slides
Welcome to the IETF! Would you like instructions? Mike StJohns IETF 97 Seoul, South Korea 1

Welcome to the IETF! Would you like instructions? Mike StJohns IETF 97 Seoul, South Korea 1

Welcome to the IETF! Would you like instructions? Mike StJohns IETF 97 Seoul, South Korea 1 IETF Note Well Any submission to the IETF intended by the Contributor for publication as all or part of an IETF Internet-Draft or RFC and any

637 views • 29 slides
NorduGrid NorduGrid collaboration: some history collaboration: some history collaboration: some

NorduGrid NorduGrid collaboration: some history collaboration: some history collaboration: some

NorduGrid NorduGrid and the ARC middleware and the ARC middleware and the ARC middleware NorduGrid NorduGrid and the ARC middleware Gergely Sipos (credits to Oxana Smirnova) MTA SZTAKI, Hungary GridKa School - September 14, 2006 - Karlsruhe

611 views • 24 slides
Entity Resolution: Glue for Middleware Hector Garcia-Molina Stanford University Middleware

Entity Resolution: Glue for Middleware Hector Garcia-Molina Stanford University Middleware

Entity Resolution: Glue for Middleware Hector Garcia-Molina Stanford University Middleware apps middleware ... System n System 1 2 Middleware apps middleware what matches what?? ... System n System 1 3 Matching Execution Level

794 views • 58 slides
Welcome to the IETF! You are standing at the end of the road before a small brick building

Welcome to the IETF! You are standing at the end of the road before a small brick building

Welcome to the IETF! You are standing at the end of the road before a small brick building Mike StJohns IETF 99 Prague, CZ IETF Note Well Any submission to the IETF intended by the Contributor for publication as all or part of an IETF

582 views • 29 slides
ThingsJS: Towards a Flexible and Self-Adaptable Middleware for Dynamic and Heterogeneous IoT

ThingsJS: Towards a Flexible and Self-Adaptable Middleware for Dynamic and Heterogeneous IoT

Motivation ThingsJS Scheduling Code Migration Communications ThingsJS: Towards a Flexible and Self-Adaptable Middleware for Dynamic and Heterogeneous IoT Environments Middleware for IoT m4iot@Middleware 2017 Julien Gascon-Samson,

855 views • 37 slides
CS344M Autonomous Multiagent Systems Patrick MacAlpine Department or Computer Science The

CS344M Autonomous Multiagent Systems Patrick MacAlpine Department or Computer Science The

CS344M Autonomous Multiagent Systems Patrick MacAlpine Department or Computer Science The University of Texas at Austin Good Afternoon, Colleagues Patrick MacAlpine Good Afternoon, Colleagues Are there any questions? Patrick MacAlpine

587 views • 35 slides
Economics of network security Harald Vranken 1 Economics of network security Note that

Economics of network security Harald Vranken 1 Economics of network security Note that

Advanced Network Security (2019-2020) Economics of network security Harald Vranken 1 Economics of network security Note that network in this lecture means Physical communication network (eg. Internet, telephony, fax, telegraph)

769 views • 49 slides
CS7038 - Malware Analysis - Wk05.1 Static Analyzers Coleman Kane kaneca@mail.uc.edu February 7,

CS7038 - Malware Analysis - Wk05.1 Static Analyzers Coleman Kane kaneca@mail.uc.edu February 7,

CS7038 - Malware Analysis - Wk05.1 Static Analyzers Coleman Kane kaneca@mail.uc.edu February 7, 2017 Signature-based Anti-Virus Systems By far, the most popular weapon against cyber attacks is signature-based antivirus software. When

709 views • 12 slides
AN INSIDE LOOK AT Rationale BOTNETS Codebase Analysis (Agobot, SDBot, SpyBot, GT Bot)

AN INSIDE LOOK AT Rationale BOTNETS Codebase Analysis (Agobot, SDBot, SpyBot, GT Bot)

Table of Contents AN INSIDE LOOK AT Rationale BOTNETS Codebase Analysis (Agobot, SDBot, SpyBot, GT Bot) Architecture Paul Barford and Vinod Yagneswaran Remote Control Mechanisms Host Control Propagation Exploits and

158 views • 4 slides
Why Phishing is Different on Mobile Aaron Cockerill Gartner Security & Risk Management Summit

Why Phishing is Different on Mobile Aaron Cockerill Gartner Security & Risk Management Summit

Why Phishing is Different on Mobile Aaron Cockerill Gartner Security & Risk Management Summit 2018 1 The world has changed The corporate data center is in the cloud Starbucks is the new corporate Wi-Fi Employees have all gone mobile

733 views • 37 slides
OS Security Thierry Sans Security is a wide topic CSCD27 Computer and Network Security covers

OS Security Thierry Sans Security is a wide topic CSCD27 Computer and Network Security covers

OS Security Thierry Sans Security is a wide topic CSCD27 Computer and Network Security covers Cryptography Network security System security Web security (recap) Protection File systems implement a protection system Who

800 views • 30 slides
Digital Privacy: Hands-on Tactics & Tools for Libraries Workshop 2 1 About Us This is a

Digital Privacy: Hands-on Tactics & Tools for Libraries Workshop 2 1 About Us This is a

Digital Privacy: Hands-on Tactics & Tools for Libraries Workshop 2 1 About Us This is a collaboration with: Brooklyn Public Library Metropolitan New York Library Council (METRO) New America and London School of Economics

660 views • 55 slides
Technology Department Bob Pattison IT Director Joe Thomas PC Technician Julius Ramirez

Technology Department Bob Pattison IT Director Joe Thomas PC Technician Julius Ramirez

Technology Department Bob Pattison IT Director Joe Thomas PC Technician Julius Ramirez PC Technician Budget $184,013 1200 computers VPN with town Interface between

503 views • 6 slides

More recommend