mod_auth_ticket - Bringing Single-Sign-On to lighttpdTaisuke Yamada
Explains mod_auth_ticket, a newly developed module for lighttpd to make any website SSO-enabled. Also discusses development experience for lighttpd and some strength evaluation of crypto used by this module.
S2E: A Platform for In Vivo Multi-Path Analysis of Software Systems. Vitaly Chipounov, Volodymyr Kuznetsov, George Candea. 16th Intl. Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), Newport Beach, CA, March 2011.
mod_auth_ticket - Bringing Single-Sign-On to lighttpdTaisuke Yamada
Explains mod_auth_ticket, a newly developed module for lighttpd to make any website SSO-enabled. Also discusses development experience for lighttpd and some strength evaluation of crypto used by this module.
S2E: A Platform for In Vivo Multi-Path Analysis of Software Systems. Vitaly Chipounov, Volodymyr Kuznetsov, George Candea. 16th Intl. Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), Newport Beach, CA, March 2011.
2. UCLAとUSCとMSRしかいない
A General Approach to Network Configuration Analysis
Ari Fogel and Stanley Fung, University of California, Los Angeles
Luis Pedrosa, University of Southern California
Meg Walraed-Sullivan, Microsoft Research
Ramesh Govindan, University of Southern California
Ratul Mahajan, Microsoft Research
Todd Millstein, University of California, Los Angeles
Analyzing Protocol Implementations for Interoperability
Luis Pedrosa, University of Southern California
Ari Fogel, University of California, Los Angeles
Nupur Kothari, Microsoft
Ramesh Govindan, University of Southern California
Ratul Mahajan, Microsoft
Todd Millstein, University of California, Los Angeles
Checking Beliefs in Dynamic Networks
Nuno P. Lopes, Nikolaj Bjørner, and Patrice Godefroid, Microsoft Research
Karthick Jayaraman, Microsoft Azure
George Varghese, Microsoft Research
2
3. 論文の概要
A General Approach to Network Configuration Analysis
機器の設定 - プロトコルの振る舞い - Data Plane の転送 の一貫性の
確認
ECMPであるパスは通るけど別のパスは通らない、みたいなことがない
障害があってもパケットが届く(ACLとか経路フィルタに引っかからない)
宛先は一つ
Analyzing Protocol Implementations for Interoperability
同じプロトコルの異なる実装の相互接続性のシンボリック実行による
検証
メッセージが問題なく処理されるか、エラーになるか
メッセージの意味の解釈までは踏み込まない
Checking Beliefs in Dynamic Networks
ネットワークのパスやアクセス制御のポリシーの検証
3
4. A GENERAL APPROACH TO
NETWORK CONFIGURATION
ANALYSIS
Ari Fogel, Stanley Fung (UCLA), Luis Pedrosa (USC),
Meg Walraed-Sullivan (MSR), Ramesh Govindan (USC),
Ratul Mahajan (MSR), Todd Millstein (UCLA)
4
5. Background and Motivation
到達性やフィルタなどのポリシーを反映した Data Plane
になる Config かどうか検証したい
5
Challenge:
どのように Data Plane の状態を導出するか
どのように Data Plane のエラーの原因の Config を特定するか
Data Plane
Config
導出
Device
Data Plane
Config
導出
Device
Data Plane
Config
導出
Device
ポリシー
手動もしくは自動で設定
検証