CSCE 790: Computer Network Security
CSCE 515: Computer Network Programming
Chin-Tser Huang
University of South Carolina
Final Exam
Will be held on Tuesday, May 4, 5:30-7pm
Counts for 20% toward your final grade
More emphasis on programming than on the midterm
Review session in next lecture
4/22/2004
2
Peer-to-Peer
The Internet was designed to be an open and cooperative network
Commercial applications and security concerns pushed the Internet toward a client-server model
A new trend toward peer-to-peer
File sharing
Online chatting
Resource sharing
No boredom, more freedom!
Issues in Peer-to-Peer
Flexibility
Scalability
Anonymity
Accountability
Peer-to-Peer Applications
Napster
Gnutella
Freenet
Free Haven
Napster
Popular online music service
Users first connect to the Napster server to search for other users who have the target songs
Server returns search results to users
Users connect to each other to share songs
Legal problems
Gnutella
A decentralized search system
A language with many Gnutella-compatible implementations
Emphasis on flexibility
No privacy
Freenet
A decentralized system for distributing files
A user forwards a request to a node he/she knows and trusts
The next node returns a hit or forwards the request to a likely node
Nodes in Freenet become increasingly connected
Uses a unique ID for each file
Provides partial anonymity
Freenet Request Sequence
From “Freenet: A Distributed Anonymous Information Storage and Retrieval System”, I. Clarke, O. Sandberg, B. Wiley, and T. Hong.
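The request handling summarized on the Freenet slide, as an added example that is not part of the lecture or the Freenet code base: a toy in-memory simulation in which each node answers from its own store or forwards to the neighbour most likely to hold the file, then caches the result on the way back. It goes beyond the slide by adding a hops-to-live budget and backtracking, as in the cited paper; integer file IDs, numeric distance as the closeness measure, and all class and method names are assumptions.

```java
import java.util.*;

public class FreenetRoutingDemo {
    static class Node {
        final String name;
        final Map<Integer, String> store = new HashMap<>();   // file ID -> data held here
        final Map<Integer, Node> routes = new HashMap<>();    // known file ID -> neighbour to ask
        Node(String name) { this.name = name; }

        // Returns the data, or null if it is not found within htl (hops-to-live) hops.
        String request(int id, int htl, Set<Node> visited, List<String> path) {
            visited.add(this);
            path.add(name);
            if (store.containsKey(id)) return store.get(id);  // hit: answer from local store
            if (htl <= 0) return null;                         // hop budget spent
            // "Likely node": neighbours ordered by how close their known ID is to the request.
            List<Map.Entry<Integer, Node>> likely = new ArrayList<>(routes.entrySet());
            likely.sort(Comparator.comparingInt(e -> Math.abs(e.getKey() - id)));
            for (Map.Entry<Integer, Node> e : likely) {
                Node next = e.getValue();
                if (visited.contains(next)) continue;          // never loop back
                String data = next.request(id, htl - 1, visited, path);
                if (data != null) {
                    store.put(id, data);    // cache on the return path
                    routes.put(id, next);   // new routing entry: the graph gets denser
                    return data;
                }
            }
            return null;                    // every candidate failed: the caller backtracks
        }
    }

    // Runs one request and returns the names of the nodes it touched, in order.
    static List<String> trace(Node start, int id, int htl) {
        List<String> path = new ArrayList<>();
        start.request(id, htl, new HashSet<>(), path);
        return path;
    }

    public static void main(String[] args) {
        Node a = new Node("A"), b = new Node("B"), c = new Node("C"), d = new Node("D");
        a.routes.put(10, b);  a.routes.put(80, c);  c.routes.put(75, d);
        d.store.put(77, "file-77 contents");        // constructed sample file
        System.out.println("first request:  " + trace(a, 77, 5));
        System.out.println("second request: " + trace(a, 77, 5));
    }
}
```

Each node sees only its immediate upstream neighbour, so the node holding the file cannot tell whether that neighbour originated the request or is relaying it, which is the partial anonymity the slide refers to.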
Free Haven
A system to provide anonymous storage that resists attempts of adversaries to find or destroy any stored data
Emphasis on anonymity
Publisher anonymity
Reader anonymity
Server anonymity
Uses a reputation system to address accountability
Anonymity in Peer-to-Peer
From “Tarzan: A Peer-to-Peer Anonymizing Network Layer”, by M. Freedman and R. Morris, ACM CCS’02.
Overlay Networks
A virtual network that uses the underlying infrastructure network to provide connections between its nodes
Messages between nodes are tunneled via the underlying network
Conceals unnecessary details about the underlying network
Can provide specialized functions
Overlay Architecture
Peer-to-Peer Overlay Networks
Satisfy the special needs of a small group
Make peer-to-peer applications more scalable
Improve efficiency
An RMI Peering Example
A peer-to-peer client locates the central peering server and makes a remote call to obtain a partner
If the server has no client waiting to be partnered, it stores a reference to the calling client and returns false
If the server has a waiting client, it notifies both clients of their new partner and returns true
Remote interfaces PartnerServer and Partner
Implementation classes PartnerServerImpl and PartnerImpl
Interface PartnerServer
/* Java Network Programming, Second Edition
* Merlin Hughes, Michael Shoffner, Derek Hamner
* Manning Publications Company; ISBN 188477749X
*
* http://nitric.com/jnp/
*
* Copyright (c) 1997-1999 Merlin Hughes, Michael Shoffner, Derek Hamner;
* all rights reserved; see license.txt for details. */
import java.rmi.*;

public interface PartnerServer extends Remote {
    public boolean assignPartner (String service, Partner myself) throws RemoteException;
}
Interface Partner
import java.rmi.*;

public interface Partner extends Remote {
    public void partnered (String service, Partner partner) throws RemoteException;
}
Class PartnerServerImpl
import java.rmi.*;
import java.util.*;
import java.rmi.server.*;
import java.rmi.registry.*;

public class PartnerServerImpl extends UnicastRemoteObject implements PartnerServer {
    // public PartnerServerImpl () throws RemoteException …
    // public synchronized boolean assignPartner (String service, Partner myself) throws RemoteException …
    // public static void main (String[] args) throws RemoteException, AlreadyBoundException …
}
Constructor PartnerServerImpl
protected Hashtable pending;

public PartnerServerImpl () throws RemoteException {
    pending = new Hashtable ();
}
Method assignPartner
public synchronized boolean assignPartner (String service, Partner myself) throws RemoteException {
    if (!pending.containsKey (service)) {
        // Nobody is waiting for this service: remember the caller
        pending.put (service, myself);
        return false;
    } else {
        // A client is waiting: pair it with the caller and notify both
        Partner partner = (Partner) pending.get (service);
        pending.remove (service);
        partner.partnered (service, myself);
        myself.partnered (service, partner);
        return true;
    }
}
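A hardened variant of assignPartner, as an added example that is not from the book or the lecture: the slide's method calls back into client-supplied remote objects while holding the server lock, lets a waiting client that has gone away fail the next caller, and accepts any service name as a table key. The allow-list of service names and the in-process lambda partners (Java 9 or later, no network needed) are assumptions made so the file runs stand-alone.

```java
import java.rmi.Remote;
import java.rmi.RemoteException;
import java.util.*;

public class HardenedPartnerServer {
    // Same shape as the slide's Partner interface, nested so the file is self-contained.
    interface Partner extends Remote {
        void partnered(String service, Partner partner) throws RemoteException;
    }

    // Assumption: the operator knows which service names are legitimate.
    private static final Set<String> ALLOWED = Set.of("Testing", "chat");
    private final Map<String, Partner> pending = new HashMap<>();

    public boolean assignPartner(String service, Partner myself) throws RemoteException {
        if (service == null || myself == null || !ALLOWED.contains(service))
            throw new RemoteException("unknown service");   // bounds the pending table
        while (true) {
            Partner waiting;
            synchronized (this) {                           // lock covers table access only
                waiting = pending.remove(service);
                if (waiting == null || waiting.equals(myself)) {
                    pending.put(service, myself);           // nobody else waiting: queue caller
                    return false;
                }
            }
            try {
                waiting.partnered(service, myself);         // remote callback, lock released
            } catch (RemoteException gone) {
                continue;                                   // stale waiter: drop it and retry
            }
            myself.partnered(service, waiting);
            return true;
        }
    }

    public static void main(String[] args) throws RemoteException {
        HardenedPartnerServer server = new HardenedPartnerServer();
        // Constructed in-process partners; "gone" simulates a client that has disconnected.
        Partner gone  = (svc, p) -> { throw new RemoteException("unreachable"); };
        Partner alice = (svc, p) -> System.out.println("alice partnered for " + svc);
        Partner bob   = (svc, p) -> System.out.println("bob partnered for " + svc);
        System.out.println(server.assignPartner("Testing", gone));
        System.out.println(server.assignPartner("Testing", alice));
        System.out.println(server.assignPartner("Testing", bob));
    }
}
```

The unreachable waiter is discarded when the next client arrives, so that client is queued rather than receiving the waiter's RemoteException, and a slow callback no longer blocks other callers of assignPartner.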
Method main
public static void main (String[] args) throws RemoteException, AlreadyBoundException {
    if (args.length != 2)
        throw new IllegalArgumentException
            ("Syntax: PartnerServerImpl <port> <service>");
    int port = Integer.parseInt (args[0]);
    String service = args[1];
    PartnerServerImpl partnerServer = new PartnerServerImpl ();
    try {
        // Use a registry that is already running on this port, if any
        Registry registry = LocateRegistry.getRegistry (port);
        registry.bind (service, partnerServer);
    } catch (ConnectException ex) {
        // No registry was listening: create one in this JVM
        Registry registry = LocateRegistry.createRegistry (port);
        registry.bind (service, partnerServer);
    }
}
Class PartnerImpl
import java.rmi.*;
import java.rmi.server.*;
import java.rmi.registry.*;

public class PartnerImpl implements Partner {
    // public void partnered (String service, Partner partner) …
    // public static void main (String[] args) throws RemoteException, NotBoundException …
}
Methods of PartnerImpl
public void partnered (String service, Partner partner) {
    System.out.println ("Partnered with " + partner + " for " + service + '.');
}

public static void main (String[] args) throws RemoteException, NotBoundException {
    if (args.length != 3)
        throw new IllegalArgumentException
            ("Syntax: PartnerImpl <host> <port> <service>");
    // Export this client so the server and the partner can call it back
    PartnerImpl partner = new PartnerImpl ();
    Partner partnerRef =
        (Partner) UnicastRemoteObject.exportObject (partner);
    String host = args[0];
    int port = Integer.parseInt (args[1]);
    String service = args[2];
    // Look up the peering server in the registry and ask for a partner
    Registry registry = LocateRegistry.getRegistry (host, port);
    PartnerServer server = (PartnerServer) registry.lookup (service);
    if (!server.assignPartner ("Testing", partnerRef))
        System.out.println ("waiting...");
}
Next Class
Network security
Review session for final exam