Authors: Andreas Dittrich Felix Salfner 24th IEEE International Symposium on Parallel Distributed Processing, Workshops and PhD Forum (IPDPSW), Atlanta, GA, USA, April 19-23, 2010 Download: final published version, IEEEXplore

Service discovery is a fundamental concept in service networks. It provides networks with the capability to publish, browse and locate service instances. Service discovery is thus the precondition for a service network to operate correctly and for the services to be available. In the last decade, decentralized service discovery mechanisms have become increasingly popular. Especially in ad-hoc scenarios – such as ad-hoc wireless networks – they are an integral part of auto-configuring service networks. Albeit the fact that auto-configuring networks are increasingly used in application domains where dependability is a major issue, these environments are inherently unreliable. In this paper, we examine the dependability of decentralized service discovery. We simulate service networks that are automatically configured by Zeroconf technologies. Since discovery is a time-critical operation, we evaluate responsiveness – the probability to perform some action on time even in the presence of faults – of domain name system (DNS) based service discovery under influence of packet loss. We show that responsiveness decreases significantly already with moderate packet loss and becomes practicably unacceptable with higher packet loss.

	Autoren: Andreas Dittrich Philipp Reinecke Workshop IT Security HU Berlin Prof. Dr. J.-P. Redlich Paper: english (PDF) Vortrag: (PDF)

The term security when applied to computer networks conveys a plethora of meanings, ranging from network security to process and information security – the security of business processes and information handled therein. Likewise, testing said security cannot be narrowed down to simple methods, but has to be adjusted to the type of security it is applied to, to the answers one needs, to time and cost restraints and – possibly the most important point – to the person interested in the answers. While several approaches for a methodology of testing have been put forward and though there are numerous introductory documents as well as checklists available, the field remains rather overwhelming.

This document, written as a paper for the 2004 Security Seminar at Humboldt University, Berlin, aims at giving hints on how to tackle the complex task of testing a network’s security. We will lay out a simple scenario, designed with several security holes, and perform a rudimentary penetration test. To really get a grasp on how secure a system is, one has to try every conceivable way to break into it. Time and space constraints as well as limits on what we can model in the network prevent us from doing such a test, so in order to achieve greater detail in what we actually do we will only follow one way and give hints of possible other routes at the various steps.