TY - CHAP
T1 - Learning from the Past: Designing Secure Network Protocols
AU - Fiebig, Tobias
AU - Lichtblau, Franziska
AU - Streibelt, Florian
AU - Krüger, Thorben
AU - Lexis, Pieter
AU - Bush, Randy
AU - Feldmann, Anja
PY - 2018
Y1 - 2018
N2 - Network protocols define how networked computer systems exchange data. As they define all aspects of this communication, the way they are designed is also security sensitive. If communication is supposed to be encrypted, this has to be outlined in the protocol’s specification. If services implementing the protocol should allow for authentication, this has to be defined in the protocol. Hence, the way a protocol is designed is elemental for the security of systems later implementing it. Security by design starts with the protocol definition. Especially in today’s fast-moving environment, with cloud services and the Internet of Things, engineers constantly have to develop new protocols. In this chapter, we derive guidelines for designing new protocols securely, as well as recommendations on how existing protocols can be adjusted to become more secure. We base these recommendations on our analysis of how – historical – protocols were designed and which underlying design decisions made their corresponding implementations susceptible to security issues.
AB - Network protocols define how networked computer systems exchange data. As they define all aspects of this communication, the way they are designed is also security sensitive. If communication is supposed to be encrypted, this has to be outlined in the protocol’s specification. If services implementing the protocol should allow for authentication, this has to be defined in the protocol. Hence, the way a protocol is designed is elemental for the security of systems later implementing it. Security by design starts with the protocol definition. Especially in today’s fast-moving environment, with cloud services and the Internet of Things, engineers constantly have to develop new protocols. In this chapter, we derive guidelines for designing new protocols securely, as well as recommendations on how existing protocols can be adjusted to become more secure. We base these recommendations on our analysis of how – historical – protocols were designed and which underlying design decisions made their corresponding implementations susceptible to security issues.
UR - https://arxiv.org/abs/1610.05531
U2 - 10.1007/978-3-658-21655-9_41
DO - 10.1007/978-3-658-21655-9_41
M3 - Chapter
SN - 978-3-658-21654-2
SP - 585
EP - 613
BT - Cybersecurity Best Practices
PB - Springer
ER -