- 共享网络性能信息(TCP控制块和拥塞管理模块)
有些信息不应当被共享。例如,TCP顺序号用来防止伪装攻击(spoofing attacks),甚至有关性能参数的共享都会给拒绝服务攻击造成机会[Touch97]。
- 性能增强代理(Performance Enhancing Proxies)
从安全攻击角度看,此类系统扮演了中间人(men-in-the-middle)的角色。因此,必须要特别小心,以避免系统被劫持(hijack)或被滥用(misuse)。
最后的观点不应被轻视:只要中间介质节点进行的操作与其在端对端下不同,就会存在安全问题。这并非专指性能增强代理。应当提前应用基于IPSEC的保护,以使殊如SNOOP模块、头压缩(TCP、UDP、RTP等)、HTTP代理能够参与工作。
一些高层的安全机制(如RTP加密、在TCP负载中进行TLS加密)已经减轻了这个安全问题的影响,然而,协议头仍是可见的,仍可能被通信分析所破解并遭受拒绝服务攻击。
9 参考书目(References)
[ACKSPACING] Partridge, C., "ACK Spacing for High Delay-Bandwidth
Paths with Insufficient Buffering", Work in Progress.
[ADGGHOSSTT98] Allman, M., Dawkins, S., Glover, D., Griner, J.,
Henderson, T., Heidemann, J., Kruse, H., Osterman, S.,
Scott, K., Semke, J., Touch, J. and D. Tran, "Ongoing
TCP Research Related to Satellites", Work in Progress.
[AGS98] Allman, M., Glover, D. and L. Sanchez, "Enhancing TCP
Over Satellite Channels using Standard Mechanisms",
BCP 28, RFC 2488, January 1999.
[Allman98] Mark Allman. On the Generation and Use of TCP
Acknowledgments. ACM Computer Communication Review,
28(5), October 1998.
[AHO98] Allman, M., Hayes, C., Ostermann, S., "An Evaluation
of TCP with Larger Initial Windows," Computer
Communication Review, 28(3), July 1998.
Montenegro, et al. Informational [Page 36]
[BBKT96] Bhagwat, P., Bhattacharya, P., Krishna, A., Tripathi,
S., "Enhancing Throughput over Wireless LANs Using
Channel State Dependent Packet Scheduling," in Proc.
IEEE INFOCOM'96, pp. 1133-40, March 1996.
[BBKVP96] Bakshi, B., P., Krishna, N., Vaidya, N., Pradhan,
D.K., "Improving Performance of TCP over Wireless
Networks," Technical Report 96-014, Texas A&M
University, 1996.
[BPSK96] Balakrishnan, H., Padmanabhan, V., Seshan, S., Katz,
R., "A Comparison of Mechanisms for Improving TCP
Performance over Wireless Links," in ACM SIGCOMM,
Stanford, California, August 1996.
[BPK99] Balakrishnan, H., Padmanabhan, V., Katz, R., "The
effects of asymmetry on TCP performance," ACM Mobile
Networks and Applications (MONET), Vol. 4, No. 3,
1999, pp. 219-241.
[BV97] S. Biaz and N. H. Vaidya, "Distinguishing Congestion
Losses from Wireless Transmission Losses: A Negative
Result," Seventh International Conference on Computer
Communications and Networks (IC3N), New Orleans,
October 1998.
[BV98] Biaz, S., Vaidya, N., "Sender-Based heuristics for
Distinguishing Congestion Losses from Wireless
Transmission Losses," Texas A&M University, Technical
Report 98-013, June 1998.
[BV98a] Biaz, S., Vaidya, N., "Discriminating Congestion
Losses from Wireless Losses using Inter-Arrival Times
at the Receiver," Texas A&M University, Technical
Report 98-014, June 1998.
[BW97]
Brasche, G., Walke, B., "Concepts, Services, and
Protocols of the New GSM Phase 2+ general Packet Radio
Service," IEEE Communications Magazine, Vol. 35, No.
8, August 1997.
Montenegro, et al. Informational [Page 37]
[CB96] Cheshire, S., Baker, M., "Experiences with a Wireless
Network in MosquitoNet," IEEE Micro, February 1996.
Available online as:
http://rescomp.stanford.edu/~cheshire/papers/wireless.ps.
[CDMA] Electronic Industry Alliance(EIA)/Telecommunications
Industry Association (TIA), IS-95: Mobile Station-Base
Station Compatibility Standard for Dual-Mode Wideband
Spread Spectrum Cellular System, 1993.
[CDPD] Wireless Data Forum, CDPD System Specification,
Release 1.1, 1995.
[CM] Hari Balakrishnan and Srinivasan Seshan, "The
Congestion Manager," Work in Progress.
[CTCSM97] Chang, H., Tait, C., Cohen, N., Shapiro, M.,
Mastrianni, S., Floyd, R., Housel, B., Lindquist, D.,
"Web Browsing in a Wireless Environment: Disconnected
and Asynchronous Operation in ARTour Web Express," in
Proc. MobiCom'97, Budapest, Hungary, September 1997.
[Demers90] Demers, A., Keshav, S., and Shenker, S., Analysis and
Simulation of a Fair Queueing Algorithm,
Internetworking: Research and Experience, Vol. 1,
1990, pp. 3-26.
[ECN] Ramakrishnan, K. and S. Floyd, "A Proposal to add
Explicit Congestion Notification (ECN) to IP", RFC
2481, January 1999.
[Floyd95] Floyd, S., and Jacobson, V., Link-sharing and Resource
Management Models for Packet Networks. IEEE/ACM
Transactions on Networking, Vol. 3 No. 4, pp. 365-386,
August 1995.
[FSS98] Fragouli, C., Sivaraman, V., Srivastava, M.,
"Controlled Multimedia Wireless Link Sharing via
Enhanced Class-Based Queueing with Channel-State-
Dependent Packet Scheduling," Proc. IEEE INFOCOM'98,
April 1998.
[GPRS] ETSI, "General Packet Radio Service (GPRS): Service
Description, Stage 2," GSM03.60, v.6.1.1 August 1998.
Montenegro, et al. Informational [Page 38]
[GSM] Rahnema, M., "Overview of the GSM system and protocol
architecture," IEEE Communications Magazine, vol. 31,
pp 92-100, April 1993.
[HL96] Hausel, B., Lindquist, D., "WebExpress: A System for
Optimizing Web Browsing in a Wireless Environment," in
Proc. MobiCom'96, Rye, New York, USA, November 1996.
[HTTP-PERF] Henrik Frystyk Nielsen (W3C, MIT), Jim Gettys (W3C,
Digital), Anselm Baird-Smith (W3C, INRIA), Eric
Prud'hommeaux (W3C, MIT), Hon Lie (W3C, INRIA), Chris
Lilley (W3C, INRIA), "Network Performance Effects of
HTTP/1.1, CSS1, and PNG," ACM SIGCOMM '97, Cannes,
France, September 1997. Available at:
http://www.w3.org/Protocols/HTTP/Performance/Pipeline.html
[IPPCP] Shacham, A., Monsour, R., Pereira, R. and M. Thomas,
"IP Payload Compression Protocol (IPComp)", RFC 2393,
December 1998.
[IPHC] Degermark, M., Nordgren, B. and S. Pink, "IP Header
Compression", RFC 2507, February 1999.
[IPHC-RTP] Casner, S. and V. Jacobson, "Compressing IP/UDP/RTP
Headers for Low-Speed Serial Links", RFC 2508, February 1999.
[IPHC-PPP] Engan, M., Casner, S. and C. Bormann, "IP Header
Compression over PPP", RFC 2509, February 1999.
[ITCP] Bakre, A., Badrinath, B.R., "Handoff and Systems
Support for Indirect TCP/IP. In Proceedings of the
Second USENIX Symposium on Mobile and Location-
Independent Computing, Ann Arbor, Michigan, April 10-11, 1995.
[Jain89] Jain, R., "A Delay-Based Approach for Congestion
Avoidance in Interconnected Heterogeneous Computer
Networks," Digital Equipment Corporation, Technical
Report DEC-TR-566, April 1989.
[Karn93] Karn, P., "The Qualcomm CDMA Digital Cellular System"
Proc. USENIX Mobile and Location-Independent Computing
Symposium, USENIX Association, August 1993.
Montenegro, et al. Informational [Page 39]
