{SoK}: {An} Analysis of Protocol Design: Avoiding Traps for Implementation and Deployment

Today's Internet utilizes a multitude of different protocols. While some of these protocols were first implemented and used and later documented, other were first specified and then implemented. Regardless of how protocols came to be, their definitions can contain traps that lead to insecure implementations or deployments. A classical example is insufficiently strict authentication requirements in a protocol specification. The resulting Misconfigurations, i.e., not enabling strong authentication, are common root causes for Internet security incidents. Indeed, Internet protocols have been commonly designed without security in mind which leads to a multitude of misconfiguration traps. While this is slowly changing, to strict security considerations can have a similarly bad effect. Due to complex implementations and insufficient documentation, security features may remain unused, leaving deployments vulnerable. In this paper we provide a systematization of the security traps found in common Internet protocols. By separating protocols in four classes we identify major factors that lead to common security traps. These insights together with observations about end-user centric usability and security by default are then used to derive recommendations for improving existing and designing new protocols---without such security sensitive traps for operators, implementors and users

{SoK}: {An} Analysis of Protocol Design: Avoiding Traps for Implementation and Deployment

Today's Internet utilizes a multitude of different protocols. While some of these protocols were first implemented and used and later documented, other were first specified and then implemented. Regardless of how protocols came to be, their definitions can contain traps that lead to insecure implementations or deployments. A classical example is insufficiently strict authentication requirements in a protocol specification. The resulting Misconfigurations, i.e., not enabling strong authentication, are common root causes for Internet security incidents. Indeed, Internet protocols have been commonly designed without security in mind which leads to a multitude of misconfiguration traps. While this is slowly changing, to strict security considerations can have a similarly bad effect. Due to complex implementations and insufficient documentation, security features may remain unused, leaving deployments vulnerable. In this paper we provide a systematization of the security traps found in common Internet protocols. By separating protocols in four classes we identify major factors that lead to common security traps. These insights together with observations about end-user centric usability and security by default are then used to derive recommendations for improving existing and designing new protocols---without such security sensitive traps for operators, implementors and users

Diseño Del Protocolo Sump Para Mejorar La Revisión De Los Derechos De Acceso De Los Usuarios En Sistemas Operativos Linux De La Empresa Petroperú En La Sede Iquitos - 2015

La administración de los servidores Linux en la actualidad, conlleva una enorme responsabilidad debido a que sus sistemas y servicios son la base para la producción de las empresas que eligen esta plataforma. Por ello, es necesario implementar mecanismos que permitan su adecuada gestión y mejoren la seguridad de la información que almacenan. Un aspecto crítico para esta adecuada gestión, según la norma internacional ISO/IEC 27002:2013, es el control que se debe tener en el proceso de revisión de los derechos de acceso de los usuarios así como la seguridad de sus servicios de red. Sin embargo, estas normas solo proporcionan directrices para la implementación de estos controles y no son una solución práctica en sí. La forma común de llevar a cabo estos controles en la empresa Petroperú con su sede en Iquitos, ubicada en la Selva peruana, es la administración manual apoyada en el uso de las herramientas nativas del sistema operativo Linux que permiten realizar estas tareas. Sin embargo, esta metodología es propensa a algunos errores y toma mucho tiempo aplicarla en todos sus servidores. Esta investigación titulada “DISEÑO DEL PROTOCOLO SUMP PARA MEJORAR LA REVISIÓN DE LOS DERECHOS DE ACCESO DE LOS USUARIOS EN SISTEMAS OPERATIVOS LINUX DE LA EMPRESA PETROPERÚ EN LA SEDE IQUITOS - 2015”, permite diseñar un nuevo protocolo llamado SUMP (Simple User Management Protocol) y sirve de guía para automatizar el proceso de revisión de los derechos de acceso de los usuarios y brindar una mejor performance así como un mejor nivel de seguridad en el tratamiento de la información. El tipo de investigación aplicada y experimental junto con su diseño pre-experimental corresponde a un planteamiento metodológico muy importante que el investigador ha tomado en cuenta para motivar a los profesionales de las carreras afines, a las tecnologías de la información, al desarrollo de nuevos proyectos de investigación

Analysis and Automated Discovery of Attacks in Transport Protocols

Transport protocols like TCP and QUIC are a crucial component of today’s Internet, underlying services as diverse as email, file transfer, web browsing, video conferencing, and instant messaging as well as infrastructure protocols like BGP and secure network protocols like TLS. Transport protocols provide a variety of important guarantees like reliability, in-order delivery, and congestion control to applications. As a result, the design and implementation of transport protocols is complex, with many components, special cases, interacting features, and efficiency considerations, leading to a high probability of bugs. Unfortunately, today the testing of transport protocols is mainly a manual, ad-hoc process. This lack of systematic testing has resulted in a steady stream of attacks compromising the availability, performance, or security of transport protocols, as seen in the literature. Given the importance of these protocols, we believe that there is a need for the development of automated systems to identify complex attacks in implementations of these protocols and for a better understanding of the types of attacks that will be faced by next generation transport protocols. In this dissertation, we focus on improving this situation, and the security of transport protocols, in three ways. First, we develop a system to automatically search for attacks that target the availability or performance of protocol connections on real transport protocol implementations. Second, we implement a model-based system to search for attacks against implementations of TCP congestion control. Finally, we examine QUIC, Google’s next generation encrypted transport protocol, and identify attacks on availability and performance