From: Shobhit Raj Mathur (shobhit@cs.washington.edu)
Date: Sun Nov 14 2004 - 23:43:53 PST
Upgrading Transport Protocols Using Untrusted Mobile Code
=========================================================
This paper presents a mechanism called STP(Self Spreading Transport
Protocols) The approach uses untrusted mobile code to allow one host to
upgrade the transport protocol used by the other end point, if needed.
Upgrades to transport protocols are required very often as Internet
application requirements change all the time. Today, TCP implementation is
upgraded at the endpoints by upgrading the OS or the kernel. This delays
the deployment of extensions to TCP. There are other disadvantages such
as, implementation of the TCP extensions should be done by the OS vendors
as the code resides in the kernel. Moreover, the full advantage of the TCP
extension can be taken only if both the communicating end points use it.
The STP framework provides a restricted and resource safe environment for
mobile transport protocols. New protocols are written in Cyclone which is
a type safe language. The mobile code is not allowed to reference memory
or functions that are not made available to the protocol. This makes the
implementation framework safe and untrusted mobile code can be allowed to
execute.
While the framework allows developers to freely write transport protocol
extensions which are not dependent on OS vendors for deployment, there are
some issues which concern me. The transport protocol uses the STP API to
access the sockets layer, networks layer and other kernel services. Will
all the transport protocols be compatible with the STP API? If a new
protocol requires a change in the API, this would mean that the STP
framework should be upgraded. Some security issues also are a cause of
concern. Has the STP framework been thoroughly tested?. If there are some
bugs, the mobile code could use it to compromise the system. Worse still,
if STP is widely deployed the mobile code could use the loopholes to cause
havoc in the network.
Overall, I liked the approach and the motivation was strong. Once adopted,
it is sure to have to many advantages. But will it be adopted?
This archive was generated by hypermail 2.1.6 : Sun Nov 14 2004 - 23:43:53 PST