Prof. Justin Cappos talk on "Transforming Networked Applications By Understanding Network Semantics"
On Tuesday July 31, 2012, at 1 p.m (13:00), Justin Cappos from NYU's Polytechnic Institute (New York) will give a talk on techniques for encapsulating diverse network functionality into semantically verified components called AFFIXs. See below for a detailed abstract.
The talk will be given at the
Chair of Future Communication
(endowed by A1 Telekom Austria AG)
Prof. Kurt Tutschku
Universitaetsstrasse 10/T11 (2nd floor)
Justin Cappos is an assistant professor at NYU's Polytechnic Institute. Justin's research interests generally fall broadly in the area of systems security. He focuses on understanding high-impact, large-scale problems by building and measuring deployed systems. His dissertation work was on Stork, a secure and efficient package manager that has been in use for the past 8 years. Improvements pioneered in Stork have been adopted by most major Linux package managers including APT, YUM, Pacman, and YaST.
Network diversity can pose a difficult challenge for applications. Today's Internet is rife with middle boxes like NATs, proxy servers, CDNs and firewalls. End user devices move between networks as the users move from place to place. Similarly, modern devices commonly connect to multiple networks at a time, many of them wireless. This network diversity can cause subtle differences in the semantic behavior of the network API, causing previously operational applications to perform
poorly or fail.
To remedy this, there exist many networking libraries. An application programmer that wants to use a mobility library (for instance), must port their application to use the API of a mobility library that provides support for systems that change IP addresses. While porting the application to the mobility library fixes the problem for mobile users, the application may also need to support users behind a NAT. This will require the application to be ported to use this
library as well. If a mobile user may also move behind a NAT, then the mobility library must also be ported to use the NAT library. Apart from being time consuming, the composition of functionality can result in network API changes that produce application bugs that are very hard to find and replicate. The composition of network functionality breaks applications because the semantics of a network library do not match the underlying interface (such as the socket API).
We propose transformative new techniques for validating network API semantics. Using these techniques, we will encapsulate diverse network functionality into semantically verified components called AFFIXs. Due to the validation of network semantics, one or more AFFIXs can be added to an application without modifying the application and any added network functionality is guaranteed to work seamlessly.
Our goal is to build such a system that is backwards compatible with the existing Internet. If these research challenges can be met, AFFIXs will provide a similar degree of flexibility as software defined networking efforts, like OpenFlow, but with different limitations and benefits. AFFIXs will be broadly useful in supporting new network and device types, optimizing network performance, and adding network security or privacy properties to applications.