Preview only show first 10 pages with watermark. For full document please download

T-110.5140 Network Application Frameworks And Xml Introduction

   EMBED

Share

Transcript

T-110.5140 Network Application Frameworks and XML Introduction and overview 2.2.2009 Contents „ Introduction „ Overview ‹ ‹ ‹ Sasu Tarkoma ‹ ‹ Based on slides by Pekka Nikander ‹ „ „ Starting Point „ Assume that you already know details of ‹ ‹ ‹ ‹ „ TCP/IP and underlying technology Basics of cryptography and cryptographic protocols Java, C++, and OO programming Basic client/server programming ‹ ‹ ‹ Distributed objects and distributed security XML and Web services Architectural overview and understanding New directions in research and standardization Course focus and goals „ „ Connections between aspects Examples „ „ „ Distributed systems security Multi-addressing: Mobility and multihoming Building applications with XML ‹ ‹ ‹ ‹ „ Distributed objects Role of directory services Mobile and wireless applications XML-based presentation and RPC Scalability and performance issues Course Info General overview of all aspects involved Ability to implement distributed systems ‹ „ Networking: naming, addressing, routing Multi-addressing:Mobility, multi-homing Security: Trust, risks, protocols, keys Objects: Encapsulation, XML, frameworks Performance: bandwidth, delay, bottlenecks Topics Covered Adding to these ‹ Starting point, topics, goals Hands-on experience with CORBA, SOAP (web services), XML, network-level security Understanding of ‹ ‹ ‹ ‹ ‹ Distributed object-oriented systems Crypto based security in distributed systems XML and how it is used in practise Performance issues Architecture and why does it matter 1 Course Info „ Course structure Lectures on Mondays 12.15-14 in T3 Two assignments as pair-work Final exam on Tuesday 12.5. 9-12 in T1 ‹ ‹ ‹ „ Study materials for the course „ Lectures „ Assignments ‹ ‹ Lecture slides and handouts, scientific papers, and relevant standards ‹ „ Contact information ‹ Background „ ‹ Eric Newcomer Understanding Web Services ‹ Eric Greenberg’s book “Network Application Frameworks” Chapter 1-9 and 12 ‹ Sanjiva Weerawarana et al. Web Services Platform Architecture. Prentice Hall. Kari Visala (@hiit.fi) Long Hoang ([email protected]) Common questions to the newsgroup: ‹ „ Sasu Tarkoma (@tml.hut.fi) opinnot.tik.naf Personal questions by email ‹ [email protected] Lecture Outline 26 Jan 09 5 Mon 12:15-14:00 T3 About course and assignment About course and assignments. Please attend the first lecture to register for the course. 02 Feb 09 09 Feb 09 16 Feb 09 23 Feb 09 02 Mar 09 09 Mar 09 16 Mar 09 23 Mar 09 30 Mar 09 06 Apr 09 13 Apr 09 20 Apr 09 6 7 8 9 10 11 12 13 14 15 16 17 Mon Mon Mon Mon Mon Mon Mon Mon Mon Mon Mon Mon 12:15-14:00 12:15-14:00 12:15-14:00 12:15-14:00 12:15-14:00 12:15-14:00 12:15-14:00 12:15-14:00 12:15-14:00 12:15-14:00 12:15-14:00 12:15-14:00 T3 T3 T3 T3 T3 T3 TU2 T3 T3 T3 T3 T3 Overview Introduction and overview Routing, multi-homing, mobi Distributed Hash Tables (DH Host Identity Protocol Middleware Exam week, no lecture Web services SOAP Securing Web services Service federation Easter, no lecture Summary and conclusions Please check the news section on the web page for updates! Networking „ „ Communication between distributed entities What are network entities? ‹ ‹ „ NAMING How are they named? How are they connected? Where is state? ‹ ‹ ‹ „ Naming, Addressing, Routing I/II How it is created? How it is removed? How it is maintained? ADDRESSING ROUTING How are resources allocated? 2 Naming, Addressing, Routing II „ „ „ Naming, addressing, and routing may be applied on many levels and for different purposes Naming ‹ ‹ „ Routing Routing ‹ ‹ „ Simply the name of an entity For example: a domain name For the remainder: we assume that addresses are assigned topologically ‹ Prefix-routing (network part, host part) ‹ Keeps routing tables manageable Addressing ‹ ‹ ) The address of an entity For example: geographical location, IPaddress ) Multi-addressing ‹ „ Correspondent host Entities may have multiple addresses In mobility the topological location (access point) changes --> the address changes Triangular routing Mobility ‹ ‹ Mobile nodes Handover terminology ) ) ‹ make-before-break break-before-make Home link ‹ „ „ Server has multiple addresses on different networks for increased reliability Client has multiple addresses Multi-homing requires support for address change Topology change can cause renumbering ‹ ‹ ‹ Foreign link Mobile host Moving networks Multi-homing ‹ Foreign agent Home agent Multi-addressing „ Addresses depend on location Mobility requires support for address change ‹ „ More flexibility: CIDR Mobility Example:Mobile IP Triangular Routing Mobility and Multi-addressing „ How information is routed to the entity in distributed environment Examples: IP-routing, overlay-routing From old prefix to new prefix Changing the IP host addresses of each device within the network Multi-homing Examples Site multi-homing ISP1 End-host multi-homing NAT1 Multi-homed site ISP2 Internet NAT2 WLAN GPRS Wireless Host Related with multi-homing and must be supported by mobility protocols 3 Multi-layer Operation „ Mobility and multi-homing can be realized on different layers ‹ ‹ ‹ ‹ Network (Mobile IP) Between network and transport (HIP) Transport (SCTP) Application (SIP, Wireless CORBA, overlays) View points to Distributed Systems „ User view point ‹ ‹ ‹ „ Developer view point ‹ ‹ „ ‹ ‹ „ Requirements ‹ ‹ ‹ Confidentiality Authentication Authorization ) ) ‹ ‹ ‹ „ „ „ Physical network operated by many parties Not all operators can be trusted Protecting subnets ‹ „ „ Information hiding for programmers Extend a familiar paradigm to a distributed environment Psychological drawbacks ‹ ‹ ‹ „ „ Huge difference in latency Completely different fault semantics Synchronization problems How to name and find objects? Using services provided by third parties? Connectivity problems Need for cryptographic protection ‹ ‹ „ Firewalls, NATs, middleboxes ) „ ‹ Objects Easy to deploy and maintain Scale well Secure Security Rules, policies, ACLs ticket-based schemes Non-repudiation Auditing and logging Availability Easy to develop and debug Fast time-to-market Administrator view point ‹ Security Requirements Services that work 24/7, anywhere Usability, security Integrity and confidentiality of data Identification, access control, and authorization Key distribution and trust creation/evaluation Performance „ Network Quality of Service (QoS) characteristics ‹ ‹ ‹ „ A dynamic phenomenon if packet switched ‹ „ „ End-to-end latency Bandwidth Sometimes also jitter matters Congestion leads to drops or delays Different paths have different QoS properties Two worlds: wireless and wired 4 Delay and failure model „ „ „ Interconnections A uni-processor machine works or fails A method call takes a few nanoseconds In a network, ‹ ‹ ‹ ‹ round trip latency may be ~ 100ms a single end-node may fail a path between two end-nodes may fail performance may fall to unacceptably poor level Network Security Objects Directories „ „ „ „ Layered Model Presentation Object API, serializ. Layered model Object centric view Network centric view Directories vs. security Object centric view Network Security Presentation Session “Transaction”, RPC Transport Congestion control Object API to network Object-level security End-to-end Internetworking Objects Directories Routing Naming and finding objects Naming and finding objects „ „ „ „ Each object needs to have a name Each type (class) needs to have a name Each method (action) needs to have a name Objects may be mobile, replicated, ephemeral, or permanent Providing an object API „ ‹ ‹ „ „ „ „ „ „ Mostly a naming related issue How to find the object? How to find type and method meta-data? How to refer to remote objects? How to move objects over the network? How to synchronize replicated objects? Abstraction of delay and faults How to find an object? How to maintain a consistent view of types? 5 OO security „ „ May implement access control logic „ How to trust a remote node? How to represent threads, call history, and permissions over the network? Large networks are physically vulnerable Cryptography for integrity and confidentiality ‹ „ „ „ „ Delay and failure mode Naming, addressing, and directories Objects „ Availability depends on protocol design Privacy depends on protocol design Balance: security vs. ease of administration vs. performance Chicken and egg with security and directories Security Network entities are named ‹ „ Need to solve the key distribution problem Need to have identities and credentials Directories Naming, addressing, and directories „ „ DNS names: www.example.org Names need to be translated to addresses ‹ Not everybody is equally trusted ‹ Security Secure network mgmt --> {permissions} Network security „ Network Threads of execution act upon them ‹ „ Network security Objects represent reactive data storage ‹ „ Network centric view Network knows how to forward to an address A directory provides translation information Avoid circular design! Make sure that basic networking works even without directories. Examples Access control Long term keys „ „ „ „ Networking: IPv4 and IPv6 Directories: DNS Security: IPsec and IKE Objects: Java RMI Directories „ „ Security mechanisms require access to long term public keys Directory access must be protected 6 Networking: IPv4 and IPv6 Concerns with networks Hosts named and addressed by IP address Two broad classes of state: „ „ ‹ ‹ „ ‹ Routing and forwarding tables End-to-end state „ „ ‹ ‹ „ ‹ ‹ ‹ „ „ ‹ ‹ ‹ ‹ „ „ Reduces traffic Make update distribution slow „ „ „ ‹ IKE „ IP Security (IPsec) End-to-end, below congestion control ‹ ) ‹ Integrity and authenticity (immutable IP header+payload) Problems with NATs (dst mutable) ESP (Encapsulating Security Payload) ) ) ) „ „ Authentication Header (AH) ) „ Partitioning, replication, caching Access control: reading, modification Representation of relationships Representation of objects Mostly relies on manual configuration Security: IPsec „ Logical structure: architecture Physical structure: performance Partitioned into administrative domains Relatively poor security „ „ Actual data storage and structure Hosts are no longer named with IP addresses Replicated, hierarchical repository Data cached at end-hosts „ Complexity of next-hop lookup QoS facilities, queues, traffic shaping Concerns with directories Provides Domain Name to IP address mapping „ Traditionally handled at the transport layer Routing hardware design and cost Created by routing protocols Converge time: minutes Directories: DNS Should always be soft state Congestion control, reliability, packet drop / retransmission, flow control ‹ IP addresses are assigned topologically Forwarding tables „ Non-forwarding,non end-to-end state: NAT Transport-mode: higher level payload • host-to-host Tunnel-mode: payload is IP packet • network-to-network Mostly in tunnel mode, VPNs Contains a complex policy control model Does not work for IP control traffic IPSec separates key management into IKE / IKE v2 Security Association (SA) ‹ „ relationship between two or more entities that describes how the entities will use security services to communicate securely Internet Key Exchange (IKE) ‹ negotiates the IPSec security associations (SAs) ‹ IKE creates an authenticated, secure tunnel ‹ negotiates the security association for IPSec ‹ authentication, establishment of shared keys ) Five authentication options 7 IPsec and IKE 1.No IPSec SA for Bob Concerns with security 4. Protected packets are sent to Bob „ Right layer to implement? What about multi-layer security? Privacy? DoS protection? Trust management? „ Authorization and credentials? „ „ IPSec Alice IPSec Bob „ ‹ IKE Alice IKE Bob IKE Tunnel 2. Alice’s IKE starts negotiations How to bootstrap trust? 3. Negotiation completes. IPSec SAs in place Objects: Java RMI I/II „ Java Remote Method Invocation ‹ „ „ Objects: Java RMI II Objects in one VM invoke methods in objects in a remote VM 5. Skeleton calls method 1. Client Obtains Handle Remote handle ‹ From the registry name facility ‹ By receiving the reference as an argument or return value of a method call ‹ Client needs stubs (generated from interfaces / downloaded, rmic compiler) Type polymorphism adds interesting semantics ‹ Run-time dispatch instead of compile time ‹ Parameters of method calls are passed as serialized objects (deep copy) ) „ Object Discovery „ Reliability and disaster recovery ‹ ‹ „ „ „ ‹ „ „ Stubs RMI system Skeletons Remote Reference Layer 4. Skeleton unmarshals Transport Transport independence. Connection management. Unicast/multicast object invocation. Summary „ Representation of Object Handle Fault tolerance: Replication, Consistency, etc. Version detection Marshalling and unmarshalling Transparency vs. efficiency Performance ‹ ClientRemote 7. Stub Stub isunmarshals and object) Server 2. called (rep.result 3. Marshalling 6. Skeleton arguments marshals result passes it to client (type checking) Dynamic binding Concerns with objects ‹ Application Easy to send more data than necessary! Distributed garbage collection „ „ „ „ Networking: naming, addressing, routing Multi-addressing:Mobility, multi-homing Security: Trust, risks, protocols, keys Objects: Encapsulation, XML, frameworks Performance: bandwidth, delay, bottlenecks Semantics: defining objects beyond appearance Supporting heterogeneous environments 8 Questions / discussion 9