Skip to main content
main-content

Über dieses Buch

Disseminating Security Updates at Internet Scale describes a new system, "Revere", that addresses these problems. "Revere" builds large-scale, self-organizing and resilient overlay networks on top of the Internet to push security updates from dissemination centers to individual nodes. "Revere" also sets up repository servers for individual nodes to pull missed security updates. This book further discusses how to protect this push-and-pull dissemination procedure and how to secure "Revere" overlay networks, considering possible attacks and countermeasures. Disseminating Security Updates at Internet Scale presents experimental measurements of a prototype implementation of "Revere" gathered using a large-scale oriented approach. These measurements suggest that "Revere" can deliver security updates at the required scale, speed and resiliency for a reasonable cost.

Disseminating Security Updates at Internet Scale will be helpful to those trying to design peer systems at large scale when security is a concern, since many of the issues faced by these designs are also faced by "Revere". The "Revere" solutions may not always be appropriate for other peer systems with very different goals, but the analysis of the problems and possible solutions discussed here will be helpful in designing a customized approach for such systems.

Inhaltsverzeichnis

Frontmatter

Chapter 1. Introduction

Abstract
Over the years the Internet has been seriously challenged by various threats: break-ins, attacks, hoaxes, vulnerabilities, and other malicious subversion efforts. Writers of malicious code, such as viruses, worms, and Trojan horses have been creative in finding ways for their code to propagate rapidly from machine to machine, but defenders of the Internet have been much less aggressive in finding ways to disseminate the information necessary to counter these attacks. As a result, not only have the network infrastructure and individual machines been exposed to various forms of network-based attacks, but they have been slow in reacting to these attacks. This situation raises concerns that were not present when networking was less common and less relied upon.
Jun Li, Peter Reiher, Gerald J. Popek

Chapter 2. Assurance Via Redundancy

Abstract
One of the most critical challenges facing Revere is that of supporting the high availability of security update dissemination under various circumstances, including the case where an attacker is trying to corrupt information while in transit. In this chapter we justify the fundamental concept of information assurance via redundancy and discuss general considerations on using redundancy to secure transmissions; we will thus establish that a redundancy mechanism is critical to the success of Revere.
Jun Li, Peter Reiher, Gerald J. Popek

Chapter 3. RBone: A Self-Organized Resilient Overlay Network

Abstract
An RBone must be formed and maintained for each different type of security update notification to ensure delivery of the needed security updates. Composed of Revere nodes and the logical links between them, an RBone is the basis of security update dissemination. During security update dissemination, Revere forwards security updates from one node on the RBone to another along the virtual link between them.
Jun Li, Peter Reiher, Gerald J. Popek

Chapter 4. Dissemination Procedure

Abstract
Revere supports a dual mechanism for delivering security updates: pushing and pulling. Using pushing, a dissemination center can broadcast a security update via an RBone to all connected nodes. Using pulling, an individual Revere node can request security updates. Pushing is the main delivery method. Pulling, on the other hand, allows a node to catch up with any missed security updates.
Jun Li, Peter Reiher, Gerald J. Popek

Chapter 5. Security

Abstract
Revere assumes that a large percentage of Revere nodes are cooperative; however, with Revere running at Internet scale, it is unrealistic to assume that no Revere nodes have been subverted. Revere, as a service for delivering security information, can be a very tempting target for attackers. If attackers can misuse or abuse Revere, they can achieve various malicious goals; for example, a corrupted Revere system may become an ideal carrier to help propagate network worms or other threats. Therefore, Revere security must be carefully addressed, including both the security of the dissemination procedure and the security of RBone management.
Jun Li, Peter Reiher, Gerald J. Popek

Chapter 6. Real Measurement Under Virtual Topology

Abstract
Revere provides a service for disseminating security updates at Internet scale. To understand how effective Revere is in providing this service, the characteristics of the dissemination must be evaluated. This is a critical step before widely deploying Revere over the Internet.
Jun Li, Peter Reiher, Gerald J. Popek

Chapter 7. Related Work

Abstract
Viewed in the most general context, Revere fits within the broad scope of information distribution over the Internet. In this section we look into those general-purpose distribution services, including preliminary techniques (unicasting, broadcasting, flooding, etc.), IP multicasting, application-layer protocols, email, replicated data management, content-delivery networks, and some commercial products.
Jun Li, Peter Reiher, Gerald J. Popek

Chapter 8. Future Work

Abstract
This book has presented key techniques that enable the dissemination of security updates. It also provides a platform for further research on open issues. In the following two sections, we will first briefly revisit the open technical issues that have been discussed in previous chapters, and then ask questions from a broader view of the Revere system.
Jun Li, Peter Reiher, Gerald J. Popek

Chapter 9. Conclusions

Abstract
This work demonstrates that fast, secure and resilient delivery of a modest amount of information through a very large-scale network is feasible, without employing huge server farms. To summarize the work, in this chapter we will recapitulate the problem Revere tries to solve, summarize the solution Revere provides, and outline Revere’s contributions. Broad lessons learned from this work will also be presented.
Jun Li, Peter Reiher, Gerald J. Popek

Backmatter

Weitere Informationen