Authentication Layer
|
|
- Derick Casey
- 5 years ago
- Views:
Transcription
1 Authentication Layer In order to provide the authenticated perfect links abstraction an auxiliary authentication layer can be used on the top of a perfect point to point layer. The authentication layer is implemented by the SignatureLayer/SignatureSession classes. Each process must provide in the layer configuration properties a security alias that identifies the process certificate, a private key to sign outgoing messages, and a list of trusted certificates to verify incoming messages. Outgoing Messages Messages going down the stack have the security alias attached to it and are signed using the provided private key, as shown in Listing 1. The signature is encoded as a base64 string and attached to the message. Current implementation uses the SHA1withRSA algorithm to generate the signature. private void attachsignatureandgo(event e, Message message) message.pushstring(myalias); String signature = enc.encode(signdata(message.tobytearray(), privkey)); message.pushstring(signature); e.go(); catch(exception ex) System.err.println("Error on signing outgoing message."); ex.printstacktrace(); Incoming Messages Listing 1 - SignatureSession handling outgoing message Listing 2 shows the snippet where the incoming messages are handled. In order to accept incoming messages the authentication layer pops the sending process alias and the signature from the message, and tries to verify it with the certificate associated with the other process alias. Additionally, the push_signature flag in the SignatureLayer may be set to true if the upper layer wants the signature to remain attached to the message. private void verifysignatureandgo(event e, Message message) String signature = message.popstring(); String useralias = message.popstring();
2 try if(verifysignature(message, useralias, signature, trustedstore)) if(pushsignature) message.pushstring(signature); e.go(); catch(exception ex) System.err.println("Error on verifying signature of ingoing message."); Listing 2 - SignatureSession handling incoming message The auxiliary static method verifysignature, presented in Listing 3, checks if a signature is valid for a given message. Three situations may occur: The message is accepted if the signature is verified for the sending process. The message is rejected if the signature cannot be verified for the sending process. The message is rejected if the sending process is not a trusted entity. public static boolean verifysignature(message message, String useralias, String signature, KeyStore trustedstore) throws Exception boolean verified = false; BASE64Decoder dec = new BASE64Decoder(); if(trustedstore.containsalias(useralias)) Certificate usercert = trustedstore.getcertificate(useralias); message.pushstring(useralias); if(verifysig(message.tobytearray(), usercert.getpublickey(), dec.decodebuffer(signature))) verified = true; else System.err.println("Failure on verifying signature of user " + useralias + "."); message.popstring(); else System.err.println("Message from untrusted user: " + useralias); return verified; Listing 3 - auxiliary verifysignature method
3 Byzantine Consistent Broadcast The communication stack used to implement the Byzantine Consistent Broadcast is the following: Application Byzantine Consistent Broadcast (Implemented by EchoBroadcastSession) Authentication Layer (implemented by SignatureSession) Perfect Point to Point Links (Implented by TcpComplete) The stack provided by EchoBroadcastSession and SignatureSession together implement the Signed Echo Broadcast protocol (algorithm 3.17) specified in the book. The SignatureSession layer signs packets going down the stack and verifies packets going back up the stack from below. Furthermore, it exposes a static method to verify signatures which can be used by the EchoBroadcastSession in the final step of the algorithm. In accordance with the algorithm specified in 3.17, an instance of this implementation can be used for one broadcast only. We add a public reset() method to the EchoBroadcastSession which can be invoked before using the same instance for another broadcast, if required. Our implementation is shown in listings 4 to 7. Listing 4 shows the handling of a echo broadcast event. Our implementation uses a sequence number for each broadcast for safety in addition to the protocol specified in the algorithm itself. protected void echobroadcast(echobroadcastevent echoevent) int nextsequencenumber = ++sequencenumber; ); replyqueue.put(nextsequencenumber, new ArrayList<EchoBroadcastEvent>() echoevent.setchannel(channel); echoevent.setdir(direction.down); echoevent.setsourcesession(this); echoevent.setecho(false); echoevent.setfinal(false); echoevent.setsequencenumber(nextsequencenumber);
4 // This pushes all the required values to the message stack. echoevent.pushvaluestomessage(); /* * Algorithm: * * upon event < bcb, Broadcast m > do * for all processes do * trigger < al, Send q, [Send m]>; */ echoevent.dest = new AppiaMulticast (null, processes.getallsockets()); echoevent.init(); echoevent.go(); catch (AppiaEventException eventerror) eventerror.printstacktrace(); Listing 4 - Echo Broadcast The method that respond to echo messages is presented in Listing 5. protected void sendechoreply(echobroadcastevent echoevent) if (alreadyreplied(echoevent)) return; sentecho = true; EchoBroadcastEvent reply = new EchoBroadcastEvent(); // Need to sign the below. This is done by the signature // layer below us. reply.setecho(true); reply.setsequencenumber(echoevent.getsequencenumber()); reply.dest = echoevent.source; reply.setsourcesession(this); reply.setchannel(channel); reply.setdir(direction.down); reply.settext(echoevent.gettext()); reply.pushvaluestomessage();
5 // try sending reply to source reply.init(); reply.go(); // if successful, mark as sent echo replybuffer.add(echoevent); catch (AppiaEventException appiaerror) appiaerror.printstacktrace(); Listing 5 - Echo Reply Listing 6 shows the collect of responses from the cohorts. Collected echo responses are indexed by the sequence number. protected void collectechoreply(echobroadcastevent echoevent, String signature) SocketAddress sa = (SocketAddress) echoevent.source; sigmas[processes.getrank(sa)] = signature; // Add to reply queue. replyqueue.get(echoevent.getsequencenumber()).add(echoevent); // From algo: When #echos > (N + F)/2, and the echos are verified, then continue // Note: The verification is done by the signature layer below. Msgs who's verification has // failed won't make it till here. if (replyqueue.get(echoevent.getsequencenumber()).size() > Math.floor((N + F)/2.0) && sentfinal == false) boolean done = false; List<String> alreadycovered = new ArrayList<String> (); /* See if we have more than (N + F)/2 occurrences for the same message. */ for (EchoBroadcastEvent ebe1 : replyqueue.get (echoevent.getsequencenumber())) int num = 0; if (alreadycovered.contains(ebe1.gettext())) continue; else
6 alreadycovered.add(ebe1.gettext()); // Verify if we have > (N + F)/2 identical msgs. for (EchoBroadcastEvent ebe2 : replyqueue.get (echoevent.getsequencenumber())) if (ebe1.gettext().equals(ebe2.gettext())) num++; if (num > Math.floor((N + F)/2.0)) done = true; break; if (done == true) sendfinal(echoevent); break; Listing 6 - Collecting echo replies Finally, in Listing 7 the echo broadcast is delivered if the signatures are valid for n+f/2 processes. private void deliverfinal(echobroadcastevent echoevent) String sigma; int verified = 0; // Unpack signatures. for (int i = processes.getallprocesses().length-1; i >= 0; i--) sigmas[i] = echoevent.getmessage().popstring(); // Verify all the signatures and maintain a count of them. Message echomessage = getechomessage(echoevent); for (int i = 0; i < processes.getallprocesses().length; i++) sigma = sigmas[i]; if (!sigma.equals(bottom)) if(signaturesession.verifysignature(echomessage, EBConstants.PROCESS_ALIAS_PREFIX + i, sigma, trustedstore)) verified++;
7 catch (Exception e) e.printstacktrace(); // If we have at least (N + F)/2 verified messages of content 'm', then deliver m. if (delivered == false && verified > Math.floor((N+F)/2.0)) delivered = true; echoevent.go(); catch (AppiaEventException e) e.printstacktrace(); Listing 7 - Delivering broadcast Try it: To test the effectiveness of the algorithm a Byzantine node implementation is provided. Thus, you can start processes that behaves correctly and processes that models a specific byzantine behaviour. There are three byzantine behaviours provided in the sample code. Note: EchoBroadcastSession assumes that the certificate of each process is stored in the trusted certificates file with the alias: user<process_rank>. Moreover, certificates and private key stores are assumed to use the password for testing purposes. Test-1: The byzantine node is one of the nodes that receive a broadcast from the original sender. It then responds with a corrupted message and signature in the ECHO step. Test-2: The byzantine node is the initiator of the broadcast. It attempts to modify the reply sent by one of the other nodes and replies with modified messages to the third node, who detects the tampering. Test-3: The byzantine node sends different messages to each cohort in the first step. This is ultimately detected during the FINAL phase by the cohorts. To run any of these tests you need to start at least four processes, of which one may execute the byzantine behaviour. Try running the following scenario: 1. Launch three shells.
8 2. In each shell, go to the directory where you ve placed the supplied code. 3. In each shell launch the test application giving a different value (0, 1 or 2), and providing the list of certificates for the processes. A sample set of certificates are provided in the etc/folder. In shell 0, execute:./run.sh -f etc/processes.conf -n 0 -qos bcb etc/user0.jks etc/usercerts.jks In shell 1, execute:./run.sh -f etc/processes.conf -n 1 -qos bcb etc/user1.jks etc/usercerts.jks In shell 2, execute:./run.sh -f etc/processes.conf -n 2 -qos bcb etc/user2.jks etc/usercerts.jks In shell 3, execute:./run.sh -f etc/processes.conf -n 3 -qos bcb etc/user3.jks etc/usercerts.jks 4. Type anything into the terminal from any of the nodes, you ll notice that the delivery happens correctly. Now we ll test with some byzantine behaviour. 5. In three of the shells, restart the processes with the command above. In the fourth shell, instead of starting a correct process, start a byzantine process with:./run.sh -f etc/processes.conf -n 3 -qos byzantine_bcb etc/ user3.jks etc/usercerts.jks test1 6. This should also work, although processes 0-2 will note that the signature is not verified for process Now try removing one correct process from the scenario and notice that it will not work as intended since a majority cannot be reached (3f + 1 nodes are required). 8. In the next run, repeat the procedure in step 5, but use test2 as an argument. 9. Sending out a message from shell 4 (byzantine node) fails to deliver. This is because the algorithm protects against the delivering of messages that fails the signature verification. 10. In the next run, repeat the procedure in step 5, but use test3 as an argument. 11. Sending out a message from shell 4 (byzantine node) fails to deliver. This is because the algorithm protects against the delivering of messages that do not have a byzantine quorum among the nodes.
9 Byzantine Consistent Channel The communication stack used to implement the Byzantine Consistent Channel is the following: Application Byzantine Consistent Channel (Implemented by ByzantineConsistentChannelSession) Byzantine Consistent Broadcast - multiple instances (Implemented by EchoBroadcastSession) Authentication Layer (implemented by SignatureSession) Perfect Point to Point Links (Implemented by TcpComplete) As per the algorithm, the ByzantineConsistentChannel session instantiates as many instances of Byzantine Consistent Broadcast as there are processes in the system. At the end of each broadcast, a reset() method of the ByzantineConsistentBroadcast session is invoked to represent the re-instantiation of such an instance, as specified in the algorithm. The delivery of a label (in this case, a sequence number), is done by appending a label: tag at the end of the text member of the EchoBroadcastEvent. This is delivered to the ApplicationSession and displayed on the terminal output. Listing 8 shows the sending of the broadcast using a Byzantine Consistent Broadcast. To protect against a message being dropped when the channel is in the not ready state, we enter a busy loop with a small pause in between. The loop only breaks when the message can be sent. public void echobroadcast(echobroadcastevent echoevent) while(true) if (ready == true) ready = false;
10 /* * Set appropriate child channel before transmitting */ echoevent.setchannel(childchannels[processes.getselfrank()]); bcbs[processes.getselfrank()].reset (); echoevent.init (); echoevent.go (); catch (AppiaEventException e) e.printstacktrace(); break; /* * If the session is already in the middle of a broadcast (ready == false) * then wait a little before re-trying to transmit. */ Thread.sleep(500); catch (InterruptedException e) e.printstacktrace(); Listing 8 - Sending echo broadcast Listing 9 shows the final phase of the channel wherein the sequence number for the broadcast instance corresponding to the source of the message is incremented. The label has been implemented as a label:<num> tag appended to the text field of the EchoBroadcastEvent instance. This is displayed in the application shell. Since this field is locally incremented by each node, it maintains the no duplication property of the channel. private void pp2pdeliver(echobroadcastevent echoevent) /* * Re-initialise another instance for the pth bcb instance, * where p is the process ID of the process that initiated * this broadcast. */ SocketAddress sa = (SocketAddress) echoevent.source; sequencenumbers[processes.getrank(sa)]++;
11 bcbs[processes.getrank(sa)].reset(); /* * If we initiated the broadcast, and its done, we're now ready again. */ if (processes.getrank(sa) == processes.getselfprocess().getprocessnumber()) ready = true; echoevent.settext(echoevent.gettext() + " label:"+ (sequencenumbers[processes.getrank(sa)] - 1)); echoevent.go (); catch (AppiaEventException e) e.printstacktrace(); Listing 9 - Creating Broadcast channel Try it: All the same tests from the previous example can be run to verify correct working of the system. Furthermore, the non duplication property is achieved by means of sequence numbers. Note: Similarly ByzantineConsistentChannel assumes that the certificate of each process is stored in the trusted certificates file with the alias: user<process_rank>. Moreover, certificates and private key stores are assumed to use the password for testing purposes. To experiment with these details, try running the following scenarios: 1. Launch four shells. 2. In each directory, go to the place where you ve placed the supplied code. 3. Run using similar commands as above but using a different QoS:./run.sh -f etc/processes.conf -n 0 -qos bcc etc/user0.jks etc/ usercerts.jks 4. If you want to run the tests, start a byzantine node using:./run.sh -f etc/processes -n 3 -qos byzantine_bcc etc/user3.jks
12 etc/usercerts.jks test<1-3>
Text Input and Conditionals
Text Input and Conditionals Text Input Many programs allow the user to enter information, like a username and password. Python makes taking input from the user seamless with a single line of code: input()
More informationOverview of Web Services API
CHAPTER 1 The Cisco IP Interoperability and Collaboration System (IPICS) 4.0(x) application programming interface (API) provides a web services-based API that enables the management and control of various
More informationCSCD 330 Network Programming
CSCD 330 Network Programming Lecture 12 More Client-Server Programming Winter 2019 Reading: References at end of Lecture 1 Introduction So far, Looked at client-server programs with Java Sockets TCP and
More informationCS 351 Design of Large Programs Threads and Concurrency
CS 351 Design of Large Programs Threads and Concurrency Brooke Chenoweth University of New Mexico Spring 2018 Concurrency in Java Java has basic concurrency support built into the language. Also has high-level
More informationDS2OS Hands-On. Part I: The Tickle Service. Stefan Liebald. Distributed Smart 2pace Orchestration System
DS2OS Hands-On Stefan Liebald Part I: The Tickle Service 1 What can you find on the VM? Username: ds2os, Password: ds2os All required files are in the folder ~/ds2os (symlink on the desktop) ~/ds2os/models:
More informationClasses, interfaces, & documentation. Review of basic building blocks
Classes, interfaces, & documentation Review of basic building blocks Objects Data structures literally, storage containers for data constitute object knowledge or state Operations an object can perform
More informationEnvironment Dictionary
APPENDIX B This appendix describes the environment variables the scripts use to communicate with Cisco Access Registrar or to communicate with other scripts. Cisco Access Registrar sets the arguments variable
More informationA Correctness Proof for a Practical Byzantine-Fault-Tolerant Replication Algorithm
Appears as Technical Memo MIT/LCS/TM-590, MIT Laboratory for Computer Science, June 1999 A Correctness Proof for a Practical Byzantine-Fault-Tolerant Replication Algorithm Miguel Castro and Barbara Liskov
More informationCSCD 330 Network Programming
CSCD 330 Network Programming Lecture 12 More Client-Server Programming Winter 2016 Reading: References at end of Lecture 1 Introduction So far, Looked at client-server programs with Java Sockets TCP and
More informationBatches and Commands. Overview CHAPTER
CHAPTER 4 This chapter provides an overview of batches and the commands contained in the batch. This chapter has the following sections: Overview, page 4-1 Batch Rules, page 4-2 Identifying a Batch, page
More informationManaging Certificates
CHAPTER 12 The Cisco Identity Services Engine (Cisco ISE) relies on public key infrastructure (PKI) to provide secure communication for the following: Client and server authentication for Transport Layer
More informationJava Security. Compiler. Compiler. Hardware. Interpreter. The virtual machine principle: Abstract Machine Code. Source Code
Java Security The virtual machine principle: Source Code Compiler Abstract Machine Code Abstract Machine Code Compiler Concrete Machine Code Input Hardware Input Interpreter Output 236 Java programs: definitions
More informationChapter 12: How to Create and Use Classes
CIS 260 C# Chapter 12: How to Create and Use Classes 1. An Introduction to Classes 1.1. How classes can be used to structure an application A class is a template to define objects with their properties
More informationHandout 20 - Quiz 2 Solutions
Department of Electrical Engineering and Computer Science MASSACHUSETTS INSTITUTE OF TECHNOLOGY 6.033 Computer Systems Engineering: Spring 2001 Handout 20 - Quiz 2 Solutions 20 Average: 81 Median: 83 Std.
More informationCSE 143 SAMPLE MIDTERM
CSE 143 SAMPLE MIDTERM 1. (5 points) In some methods, you wrote code to check if a certain precondition was held. If the precondition did not hold, then you threw an exception. This leads to robust code
More informationPennsbury G-Mail Composing and Sending Messages Compose
Pennsbury G-Mail Composing and Sending Messages From the main screen, click on the Compose button to begin drafting a new message: The new message window will appear. Enter the subject of the email on
More informationIntroduction to Programming Using Java (98-388)
Introduction to Programming Using Java (98-388) Understand Java fundamentals Describe the use of main in a Java application Signature of main, why it is static; how to consume an instance of your own class;
More informationSecurity Philosophy. Humans have difficulty understanding risk
Android Security Security Philosophy Humans have difficulty understanding risk Safer to assume that Most developers do not understand security Most users do not understand security Security philosophy
More informationExample: Configuring DHCP Snooping and DAI to Protect the Switch from ARP Spoofing Attacks
Example: Configuring DHCP Snooping and DAI to Protect the Switch from ARP Spoofing Attacks In an ARP spoofing attack, the attacker associates its own MAC address with the IP address of a network device
More informationConfiguring attack detection and prevention 1
Contents Configuring attack detection and prevention 1 Overview 1 Attacks that the device can prevent 1 Single-packet attacks 1 Scanning attacks 2 Flood attacks 3 TCP fragment attack 4 Login DoS attack
More informationFun facts about recursion
Outline examples of recursion principles of recursion review: recursive linked list methods binary search more examples of recursion problem solving using recursion 1 Fun facts about recursion every loop
More informationPractical Byzantine Fault Tolerance. Castro and Liskov SOSP 99
Practical Byzantine Fault Tolerance Castro and Liskov SOSP 99 Why this paper? Kind of incredible that it s even possible Let alone a practical NFS implementation with it So far we ve only considered fail-stop
More informationDeclarations and Access Control SCJP tips
Declarations and Access Control www.techfaq360.com SCJP tips Write code that declares, constructs, and initializes arrays of any base type using any of the permitted forms both for declaration and for
More information0.8.0 SimpleConsumer Example
0.8.0 SimpleConsumer Example Using SimpleConsumer Why use SimpleConsumer? The main reason to use a SimpleConsumer implementation is you want greater control over partition consumption than Consumer Groups
More informationITI Introduction to Computing II
ITI 1121. Introduction to Computing II Marcel Turcotte School of Electrical Engineering and Computer Science Binary search tree (part I) Version of March 24, 2013 Abstract These lecture notes are meant
More informationOffice 365 Training For the
Office 365 Training For the 1 P age Contents How to Log in:... 3 Change Your Account Password... 3 Create a Message... 4 Add a Signature... 4 Learn About Inbox Rules... 5 Options > Automatic Replies...
More informationLife After Webmail Reference Guide
Life After Webmail Reference Guide (An Introduction to Outlook Web Access 2007 Client User Interface) https://owa.wiu.k12.pa.us Westmoreland Intermediate Unit Information Technology Services 102 Equity
More informationProgramming with the Service Control Engine Subscriber Application Programming Interface
CHAPTER 5 Programming with the Service Control Engine Subscriber Application Programming Interface Revised: July 28, 2009, Introduction This chapter provides a detailed description of the Application Programming
More informationProgramming with the Service Control Engine Subscriber Application Programming Interface
CHAPTER 5 Programming with the Service Control Engine Subscriber Application Programming Interface Revised: November 20, 2012, Introduction This chapter provides a detailed description of the Application
More informationCSC Java Programming, Fall Java Data Types and Control Constructs
CSC 243 - Java Programming, Fall 2016 Java Data Types and Control Constructs Java Types In general, a type is collection of possible values Main categories of Java types: Primitive/built-in Object/Reference
More informationConcurrency and Java Programming
Concurrency and Java Programming What is Concurrent Programming? Concurrent programming involves using features of the Java VM that allow parts of your program to run in parallel with each other. This
More informationData Structure. Recitation IV
Data Structure Recitation IV Topic Java Generics Java error handling Stack Lab 2 Java Generics The following code snippet without generics requires casting: List list = new ArrayList(); list.add("hello");
More informationITI Introduction to Computing II
ITI 1121. Introduction to Computing II Marcel Turcotte School of Electrical Engineering and Computer Science Binary search tree (part I) Version of March 24, 2013 Abstract These lecture notes are meant
More informationShort Notes of CS201
#includes: Short Notes of CS201 The #include directive instructs the preprocessor to read and include a file into a source code file. The file name is typically enclosed with < and > if the file is a system
More informationReliable Broadcast. vanilladb.org
Reliable Broadcast vanilladb.org Broadcast A broadcast abstraction enables a process to send a message to all processes in a system, including itself A naïve approach Try to broadcast the message to as
More informationRecommendation: Play the game and attempt to answer the questions yourself without looking at the answers. You ll learn much less if you just look at
Recommendation: Play the game and attempt to answer the questions yourself without looking at the answers. You ll learn much less if you just look at the question, then the answer, and go Okay, that makes
More informationMultithreaded Programming
Multithreaded Programming Multithreaded programming basics Concurrency is the ability to run multiple parts of the program in parallel. In Concurrent programming, there are two units of execution: Processes
More informationObject-Oriented Programming
Object-Oriented Programming 1. What is object-oriented programming (OOP)? OOP is a technique to develop logical modules, such as classes that contain properties, methods, fields, and events. An object
More informationCS201 - Introduction to Programming Glossary By
CS201 - Introduction to Programming Glossary By #include : The #include directive instructs the preprocessor to read and include a file into a source code file. The file name is typically enclosed with
More informationCOMPSCI 230 Threading Week8. Figure 1 Thread status diagram [http://www.programcreek.com/2009/03/thread-status/]
COMPSCI 230 Threading Week8 Figure 1 Thread status diagram [http://www.programcreek.com/2009/03/thread-status/] Synchronization Lock DeadLock Why do we need Synchronization in Java? If your code is executing
More informationWhat is epals SchoolMail? Student Accounts. Passwords. Safety. Flag Attachment
What is epals SchoolMail? http://www.epals.com/ epals Schoolmail is a complete, Internet-based email solution and collaborative toolset designed for the education environment. Student Accounts Students
More informationTechnical Note: LogicalApps Web Services
Technical Note: LogicalApps Web Services Introduction... 1 Access Governor Overview... 1 Web Services Overview... 2 Web Services Environment... 3 Web Services Documentation... 3 A Sample Client... 4 Introduction
More informationCS111: PROGRAMMING LANGUAGE II
CS111: PROGRAMMING LANGUAGE II Computer Science Department Lecture 1(c): Java Basics (II) Lecture Contents Java basics (part II) Conditions Loops Methods Conditions & Branching Conditional Statements A
More informationParish . User Manual
Parish Email User Manual Table of Contents LOGGING IN TO PARISH EMAIL... 3 GETTING STARTED... 3 GENERAL OVERVIEW OF THE USER INTERFACE... 3 TERMINATE THE SESSION... 4 EMAIL... 4 MESSAGES LIST... 4 Open
More informationConfiguring attack detection and prevention 1
Contents Configuring attack detection and prevention 1 Overview 1 Attacks that the device can prevent 1 Single-packet attacks 1 Scanning attacks 2 Flood attacks 3 TCP fragment attack 4 Login DoS attack
More informationInternet Layers. Physical Layer. Application. Application. Transport. Transport. Network. Network. Network. Network. Link. Link. Link.
Internet Layers Application Application Transport Transport Network Network Network Network Link Link Link Link Ethernet Fiber Optics Physical Layer Wi-Fi ARP requests and responses IP: 192.168.1.1 MAC:
More informationLecture 9: Introduction to Monitors
COMP 150-CCP Concurrent Programming Lecture 9: Introduction to Monitors Dr. Richard S. Hall rickhall@cs.tufts.edu Concurrent programming February 14, 2008 Abstracting Locking Details Recall our discussion
More informationChapter 9: Key Management
Chapter 9: Key Management Session and Interchange Keys Key Exchange Cryptographic Key Infrastructure Storing and Revoking Keys Digital Signatures Slide #9-1 Overview Key exchange Session vs. interchange
More informationCSS 533 Program 2: Distributed Java Space Servers Professor: Munehiro Fukuda Due date: see the syllabus
CSS 533 Program 2: Distributed Java Space Servers Professor: Munehiro Fukuda Due date: see the syllabus 1. Purpose This assignment implements a collection of distributed Java Space servers, which exercises
More informationCiphermail Webmail Messenger Administration Guide
CIPHERMAIL EMAIL ENCRYPTION Ciphermail Webmail Messenger Administration Guide October 27, 2017, Rev: 8630 Copyright 2013-2017, ciphermail.com. CONTENTS CONTENTS Contents 1 Introduction 4 2 Admin login
More informationPolicy Based Device Access Security Position Paper to Device Access Policy Working Group
1 (8) Policy Based Device Access Security Position Paper to Device Access Policy Working Group 2 (8) 1. INTRODUCTION Nokia has implemented a policy-based device access security model for its Web runtime
More informationProblems with Concurrency. February 19, 2014
with Concurrency February 19, 2014 s with concurrency interleavings race conditions dead GUI source of s non-determinism deterministic execution model 2 / 30 General ideas Shared variable Access interleavings
More informationOPC UA Configuration Manager PTC Inc. All Rights Reserved.
2017 PTC Inc. All Rights Reserved. 2 Table of Contents 1 Table of Contents 2 4 Overview 4 5 Project Properties - OPC UA 5 Server Endpoints 7 Trusted Clients 9 Discovery Servers 10 Trusted Servers 11 Instance
More informationECE 435 Network Engineering Lecture 9
ECE 435 Network Engineering Lecture 9 Vince Weaver http://web.eece.maine.edu/~vweaver vincent.weaver@maine.edu 2 October 2018 Announcements HW#4 was posted, due Thursday 1 HW#3 Review md5sum/encryption,
More informationManaging Administrative Security
5 CHAPTER 5 Managing Administrative Security This chapter describes how to manage administrative security by using the secure administration feature. This chapter assumes that you are familiar with security
More informationTroubleshooting IMAP Clients and ViewMail for Outlook
Troubleshooting IMAP Clients and ViewMail for Outlook, page 1 Troubleshooting Problems with Changing Passwords When users change their Cisco Personal Communications Assistant (PCA) password in the Messaging
More informationPlatform SDK Developer's Guide. Management Layer
Platform SDK Developer's Guide Management Layer 11/27/2017 Management Layer You can use the Management Platform SDK to write Java or.net applications that interact with the Genesys Message Server, Solution
More informationAnswer Key. 1. General Understanding (10 points) think before you decide.
Answer Key 1. General Understanding (10 points) Answer the following questions with yes or no. think before you decide. Read the questions carefully and (a) (2 points) Does the interface java.util.sortedset
More informationTesting Exceptions with Enforcer
Testing Exceptions with Enforcer Cyrille Artho February 23, 2010 National Institute of Advanced Industrial Science and Technology (AIST), Research Center for Information Security (RCIS) Abstract Java library
More informationSecurity in ECE Systems
Lecture 11 Information Security ECE 197SA Systems Appreciation Security in ECE Systems Information security Information can be very valuable Secure communication important to protect information Today
More informationSecuring OPC UA Client Connections. OPC UA Certificate handling with the OPC Data Client Development Toolkit s EasyOPCUA Client Objects
Securing OPC UA Client Connections OPC UA Certificate handling with the OPC Data Client Development Toolkit s EasyOPCUA Client Objects Page 2 of 16 Table of Contents INTRODUCTION 3 THE SAMPLE CODE AND
More informationJava Review Outline. basics exceptions variables arrays modulo operator if statements, booleans, comparisons loops: while and for
Java Review Outline basics exceptions variables arrays modulo operator if statements, booleans, comparisons loops: while and for Java basics write a simple program, e.g. hello world http://www2.hawaii.edu/~esb/2017fall.ics211/helloworl
More informationCMSC 433 Programming Language Technologies and Paradigms. Spring 2013
1 CMSC 433 Programming Language Technologies and Paradigms Spring 2013 Wait / Notify / NotifyAll Optimistic Retries Composition Follow-up (the risk I mentioned) ReentrantLock, Wait, Notify, NotifyAll Some
More informationBasic Tutorial on Creating Custom Policy Actions
Basic Tutorial on Creating Custom Policy Actions This tutorial introduces the Policy API to create a custom policy action. As an example you will write an action which excludes certain values for an asset
More informationADVANCED General Certificate of Education Software Systems Development Unit AS 1. Introduction to Object Oriented Development [SDV11]
ADVANCED General Certificate of Education 2018 Software Systems Development Unit AS 1 Introduction to Object Oriented Development [SDV11] THURSDAY 24 MAY, AFTERNOON MARK SCHEME 11285.01 F 1 Term Definition
More information2013 edition (version 1.1)
2013 edition (version 1.1) Contents 1 Introduction... 3 2 Signing in to your Office 365 account... 3 2.1 Acceptable Use Policy and Terms of Use... 4 3 Setting your profile and options... 4 3.1 Settings:
More informationAP COMPUTER SCIENCE JAVA CONCEPTS IV: RESERVED WORDS
AP COMPUTER SCIENCE JAVA CONCEPTS IV: RESERVED WORDS PAUL L. BAILEY Abstract. This documents amalgamates various descriptions found on the internet, mostly from Oracle or Wikipedia. Very little of this
More informationReview: Array Initializer Lists
More on Arrays Review of Arrays of ints, doubles, chars Arrays of objects Command line arguments The ArrayList class Javadoc Review Lecture 8 notes and L&L 7.1 7.2 Reading for this lecture: L&L 7.3 7.7,
More informationCreate New Virtual Hub window.
SoftEther VPN Server makes it possible to create a plurality of Virtual Hubs, and to separate administration objects and VPN session layer 2 communication between each Virtual Hub. This manual explains
More informationMultitasking Multitasking allows several activities to occur concurrently on the computer. A distinction is usually made between: Process-based multit
Threads Multitasking Multitasking allows several activities to occur concurrently on the computer. A distinction is usually made between: Process-based multitasking Thread-based multitasking Multitasking
More informationComputer Programming
Computer Programming Dr. Deepak B Phatak Dr. Supratik Chakraborty Department of Computer Science and Engineering Session: Quiz and Practice Questions on Classes Part 1 Dr. Deepak B. Phatak & Dr. Supratik
More information2018/2/5 话费券企业客户接入文档 语雀
1 2 2 1 2 1 1 138999999999 2 1 2 https:lark.alipay.com/kaidi.hwf/hsz6gg/ppesyh#2.4-%e4%bc%81%e4%b8%9a%e5%ae%a2%e6%88%b7%e6%8e%a5%e6%94%b6%e5%85%85%e5 1/8 2 1 3 static IAcsClient client = null; public static
More informationConsensus and related problems
Consensus and related problems Today l Consensus l Google s Chubby l Paxos for Chubby Consensus and failures How to make process agree on a value after one or more have proposed what the value should be?
More informationDistributed Systems (ICE 601) Fault Tolerance
Distributed Systems (ICE 601) Fault Tolerance Dongman Lee ICU Introduction Failure Model Fault Tolerance Models state machine primary-backup Class Overview Introduction Dependability availability reliability
More informationDo not turn to the next page until the start of the exam.
Principles of Java Language with Applications, PIC20a E. Ryu Winter 2017 Final Exam Monday, March 20, 2017 3 hours, 8 questions, 100 points, 11 pages While we don t expect you will need more space than
More information7. MULTITHREDED PROGRAMMING
7. MULTITHREDED PROGRAMMING What is thread? A thread is a single sequential flow of control within a program. Thread is a path of the execution in a program. Muti-Threading: Executing more than one thread
More informationComputing Fundamentals Advanced functions & Recursion
Computing Fundamentals Advanced functions & Recursion Salvatore Filippone salvatore.filippone@uniroma2.it 2014 2015 (salvatore.filippone@uniroma2.it) Recursion 2014 2015 1 / 14 Anonymous functions Useful
More informationSecure Remote Access: SSH & HTTPS
Secure Remote Access: SSH & HTTPS What is SSH? SSH Secure Shell SSH is a protocol for secure remote login and other secure network services over an insecure network developed by SSH Communications Security
More informationCisco License Manager Software Developer s Kit Cookbook
Cisco License Manager Software Developer s Kit Cookbook Chapter 1: Overview... 2 Chapter 2: Installation and Setup... 3 Chapter 3: Getting Started... 4 Chapter 4: Device Discovery... 7 Chapter 5: Adding
More informationOperating Systems Design Exam 3 Review: Spring Paul Krzyzanowski
Operating Systems Design Exam 3 Review: Spring 2012 Paul Krzyzanowski pxk@cs.rutgers.edu 1 Question 1 An Ethernet device driver implements the: (a) Data Link layer. (b) Network layer. (c) Transport layer.
More informationSMS Center, ver. 2.23, Dec Reference manual
SMS Center, ver. 2.23, Dec 13 2002 Reference manual Index 1. SMS Center 3 1.1 Concept 3 1.2 Message sources 3 1.2.1 TERMINAL message source 3 1.2.2 FILE message source 3 1.2.3 GSM message source 3 1.2.4
More informationSSL Configuration Oracle Banking Liquidity Management Release [April] [2017]
SSL Configuration Oracle Banking Liquidity Management Release 12.4.0.0.0 [April] [2017] Table of Contents 1. CONFIGURING SSL ON ORACLE WEBLOGIC... 1-1 1.1 INTRODUCTION... 1-1 1.2 SETTING UP SSL ON ORACLE
More informationJava Threads. COMP 585 Noteset #2 1
Java Threads The topic of threads overlaps the boundary between software development and operation systems. Words like process, task, and thread may mean different things depending on the author and the
More informationADL 101: Week 2 Syllabus
ADL 101: Week 2 Syllabus TYPES OF MESSAGING CONTINUOUS MESSAGES A stream of information that is continuously disseminated by an exchange. For instance, the bid quantity available at a specific price level
More informationESET Mobile Security for Windows Mobile. Installation Manual and User Guide - Public Beta
ESET Mobile Security for Windows Mobile Installation Manual and User Guide - Public Beta Contents...3 1. Installation of ESET Mobile Security 1.1 Minimum...3 system requirements 1.2 Installation...3 1.2.1
More informationAdobe Sign for Microsoft Dynamics
Adobe Sign for Microsoft Dynamics Installation & Configuration Guide (v5) Last Updated: March 16, 2017 2017 Adobe Systems Incorporated. All rights reserved Table of Contents Overview... 3 Prerequisites...
More informationNetworking Named Content: Content-Centric Networking. John Rula
Networking Named Content: Content-Centric Networking John Rula Overview Replacing traditional host based routing with named content routing Consumers request a data s name instead of a host (ip address)
More informationInstall & Configure Thunderbird E- mail
Install & Configure Thunderbird E- mail Thunderbird is a free, open source mail client that runs on Windows, Mac, and Linux. This document will cover specific information about setting up Thunderbird 2
More informationDistributed Systems Recitation 2. Tamim Jabban
15-440 Distributed Systems Recitation 2 Tamim Jabban Agenda Communication via Sockets in Java (this enables you to complete PS1 and start P1 (goes out today!)) Multi-threading in Java Coding a full Client-Server
More informationSeries 1000 / G Cellular Modem / Router. Firmware Release Notes
Series 1000 / 2000 3G Cellular Modem / Router Firmware Release Notes Document Number: 0013-001-000138 () Firmware Version: v1.40 Dcoumentation Control Generation Date: April 28, 2010 Cybertec Pty Limited
More informationGoToAssist Representative Quick Start Guide Web and Phone Mode. Citrix Online. Version Hollister Avenue Goleta CA 93117
GoToAssist Representative Quick Start Guide Web and Phone Mode Version 10.0 Citrix Online 7414 Hollister Avenue Goleta CA 93117 +1-805-690-6400 Fax: +1-805-690-6471 2012 Citrix Online, LLC. All rights
More informationFIPA-OS Tutorial Step 3. Ping Agent
i Ping Agent Reference Open Source Copyright Notice and License: FIPA-OS 1. The programs and other works made available to you in these files ("the Programs") are Copyright (c) 1999-2000 Nortel Networks
More informationThreads Chate Patanothai
Threads Chate Patanothai Objectives Knowing thread: 3W1H Create separate threads Control the execution of a thread Communicate between threads Protect shared data C. Patanothai Threads 2 What are threads?
More informationDistributed Systems. 27. Firewalls and Virtual Private Networks Paul Krzyzanowski. Rutgers University. Fall 2013
Distributed Systems 27. Firewalls and Virtual Private Networks Paul Krzyzanowski Rutgers University Fall 2013 November 25, 2013 2013 Paul Krzyzanowski 1 Network Security Goals Confidentiality: sensitive
More informationNotifySync 4.7. Notify Technology Corporation
1 NotifySync 4.7 Notify Technology Corporation Device Requirements 2 BlackBerry OS 4.1 4.7 (5.0 coming soon) 4.5.0 and later Attachments can be downloaded and saved to the file system or SD Card. Any attachment
More informationModel Information, Status, and Statistics
Overview, page 1 Display Model Information Screen, page 1 Status Menu, page 2 Overview This chapter describes how to use the following menu and screen on the Cisco Unified IP Phone 7931G to view model
More informationTrinity File System (TFS) Specification V0.8
Trinity File System (TFS) Specification V0.8 Jiaran Zhang (v-jiarzh@microsoft.com), Bin Shao (binshao@microsoft.com) 1. Introduction Trinity File System (TFS) is a distributed file system designed to run
More information1WorldSync Content1 Web Services
1WorldSync Content1 Web Services API HMAC Guide Version 1.1 26-Oct-2016 2 REVISION HISTORY Date Ver # Description of Change Author October 14, 2015 1.0 Initial Version 1WorldSync October 26, 2016 1.1 Updated
More informationCOMP 250 Winter 2011 Reading: Java background January 5, 2011
Almost all of you have taken COMP 202 or equivalent, so I am assuming that you are familiar with the basic techniques and definitions of Java covered in that course. Those of you who have not taken a COMP
More informationCS519: Computer Networks. Lecture 2: Feb 2, 2004 IP (Internet Protocol)
: Computer Networks Lecture 2: Feb 2, 2004 IP (Internet Protocol) A hypothetical service You want a mail delivery service You have two choices: Acme Guaranteed Mail Delivery Service We never fail Rocko
More information