ResearchRoadmaponnetworksecurityfrompracticalfirewall.pptVIP

Benson Wu, 2005 Research Internet Evolution Changes in Networking Technologies Changes in Internet Users and Internet Applications Changes in Security Accessories Changes in Internet Applications: Primitive Web becoming Web Services Is Primitive Web enough? When they are still newbie…they want to “join” ALL Client-to-Server When they become big enough…they want to “share” Some Peer-to-Peer (P2P) Some Server-to-Server (Web Services) Changes in Internet Users:from Browsing towards Clicking Necessary services at one-click: Web Services e.g. One-stop shopping Necessary authentications at one-time: Single Sign-On e.g. One-click cart/basket Necessary confidentiality with higher-granularity: XML Enc. e.g. Interleaved workflow Such changes are more like a reality… Some numbers about P2P 2 millions of Kuro users and 50.2% of teenagers (15~22) have visited either Kuro or EZPeer (創市際市場研究顧問公司, 2003/09) Some NT$9.6 billions lost due to P2P sharing (資策會網路通訊雜誌, 2003/06) Some numbers about Web Services… 79% are evaluating (Accenture) 52% are using or testing (TechMetrix) 45.5% consider security to be the biggest obstacle (BusinessWeek) The Evolution of P2P: Darwinism 2004 P2P Popularity and User Rating Extending Client-Server to P2P:Its Problems and Solutions Connectivity Internet transparency? How to connect resources successfully? Sol: middleman (e.g. gatekeeper in H.323, broker in middleware, renderzvous node in JXTA) Scalability size? How to locate MANY resources? Sol: smart routing (make use of DHT) time? How to locate resources INSTANTLY? Sol: Distributed hash table or DHT (resilience?) Extending Client-Server to Web Services:Its Problems and Solutions What most XML firewall do? How to manipulate only parts of a document? Per-element XML encryption/signing How to authenticate/authorize between more than two parties Single-Sign On How to assure the validity of Web Services’ action? SOAP Schema validation SOAP Digital Signature verification Changes in Threat:Volume