Midpoints Versus Endpoints: From Protocols to Firewalls

Authors:
Diana Bidder-Senn;David Basin;Germano Caronni
Affiliations:
ETH Zürich, 8092 Zürich, Switzerland;ETH Zürich, 8092 Zürich, Switzerland;Google Inc., Mountain View,
Venue:
ACNS '07 Proceedings of the 5th international conference on Applied Cryptography and Network Security
Year:
2007

Citing 9
Cited 1

A protocol test generation procedure

Computer Networks and ISDN Systems
An improved protocol test generation procedure based on UIOS

SIGCOMM '89 Symposium proceedings on Communications architectures & protocols
Test Selection Based on Finite State Models

IEEE Transactions on Software Engineering
Automated packet trace analysis of TCP implementations

SIGCOMM '97 Proceedings of the ACM SIGCOMM '97 conference on Applications, technologies, architectures, and protocols for computer communication
What packets may come: automata for network monitoring

POPL '01 Proceedings of the 28th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Engineering with logic: HOL specification and symbolic-evaluation testing for TCP implementations

Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Offline firewall analysis

International Journal of Information Security
Testing Software Design Modeled by Finite-State Machines

IEEE Transactions on Software Engineering
Firewall conformance testing

TestCom'05 Proceedings of the 17th IFIP TC6/WG 6.1 international conference on Testing of Communicating Systems

Constructing mid-points for two-party asynchronous protocols

OPODIS'11 Proceedings of the 15th international conference on Principles of Distributed Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

Today's protocol specifications only define the behaviour of principals representing communication endpoints. But in addition to endpoints, networks contain midpoints, which are machines that observe or filter traffic between endpoints. In this paper, we explain why midpoints should handle protocols differently from endpoints and thus midpoint specifications are needed. With a case study, using the TCP protocol and three different firewalls as midpoints, we illustrate the consequences of the current lack of protocol specifications for midpoints, namely that the same protocol is implemented differently by the different firewalls. We then propose a solution to the problem: We give an algorithm that generates a midpoint automaton from specifications of endpoint automata. We prove that the resulting midpoint automata are correct in that they forward only those messages that could have resulted from protocol-conform endpoints. Finally, we illustrate the algorithm on the TCP protocol.