Accountable Protocol Customization

Abstract

Accountable Protocol CustomizationAbstract. Widely used network protocols evolve during their design phase and over their years of use. In addition, these protocols must work for a wide variety of devices and for a range of operating scenarios, including backward compatibility with previous versions. For these and other reasons, modern network protocol standards often contain a dizzying array of options with perplexing and unpredictable potential interactions. This complexity makes it immensely challenging to provide high assurance in the security of their designsand implementations. The central thesis of the proposed project is that accountable protocol customization offers a promising alternative to this status quo. Protocol customization involves identifying lean protocol subsets that are sufficient to meet the functional and security needs of relevant clients and servers (e.g. a Navy subnetwork that is outward facing) while preserving backward compatibility. Customization also supports protocol dialects that modify the original protocol standard in settings where backward compatibility is not a strict requirement (e.g., for an inward facing Navy subnetwork). Distinctively, the project will ensure that customization is ???accountable???, i.e. we will carefully ???account for??? properties of customized protocols by tightly couplingprotocol customization operations with rigorous analysis. This coupling will beaccomplished by creating and leveraging principled techniques for synthesis, testing, and verification of protocols. The project will create a scientific framework for accountable protocol customization that reliably improves security of contemporary and future networked computing environments. It will demonstrate the value of the framework by applying it to a diverse set of widely used and emerging real-world protocols, including the HTTPS/TLS ecosystem, network infrastructure, and standards for secure messaging, federated authentication, and the Internet of Things.

Document Details

Document Type
DoD Grant Award
Publication Date
Jul 26, 2018
Source ID
N000141812618

Entities

People

  • Boon Loo

Organizations

  • Office of Naval Research
  • United States Navy
  • University of Pennsylvania

Tags

Fields of Study

  • Computer science

Readers

  • Computer Networking
  • Distributed Systems and Data Platform Development
  • Educational Psychology

Technology Areas

  • 5G
  • 5G - DoD 5G Program
  • 5G - Internet of Things