참가등록비
- 일반(학생이 아닌): 10,000엔 (2007년 2월 28일까지), 12,000엔 (2007년 2월 28일 이후)
- 학생: 3,500엔 (위 기간과 관계 없이)
참가등록비에는 이름표, 논문집, 티셔츠, 지하철표(패스넷 카드), 마지막 이틀의 점심과 연회 티켓이 포함됩니다.
튜토리얼 참가비
- 튜토리얼(종일): 강좌당 10,000엔 (학생은 5,000엔)
- 튜토리얼(반나절): 강좌당 6,000엔 (학생은 3,000엔)
이 튜토리얼 참가비에는 자료집이 포함됩니다.
관광(옵션)
3월 12일에 여러가지 옵션 관광이 기획되어 있습니다. 이는 외국에서 온 컨퍼런스 참가자를 위한 것이며 BSD와 관련된 것은 아닙니다. 자세한 정보는 온라인 등록 개시후 알려 드립니다.
호텔 숙박
부가적으로 온라인 등록 시스템을 통해서 다음 호텔에 예약이 가능합니다. 상세한 것은 등록 폼을 참조하세요.
호텔명 | 숙박비 (싱글/더블, 1인당) | 위치 |
---|---|---|
도쿄 오차노미즈 호텔 쥬라쿠 (호텔 홈페이지는 일본어) | 7,500엔/6,500엔 | JR 오차노미즈 역 근처 |
스이도바시 그랜드 호텔 (호텔 홈페이지는 일본어) | 8,085엔/6,930엔 | JR 스이도바시 역 근처 |
도쿄 그린 호텔 스이도바시 | 8,700엔/9,150엔 | JR 스이도바시 역 근처 |
도쿄 돔 호텔 | 17,525엔/18,480엔 (1실당) | JR 스이도바시 역 근처 |
문의사항은 로 해 주십시오.
회장까지 교통수단
- 도쿄대학 혼고 캠퍼스 지도
- 신공학부 2호관 위치 (전반 이틀간 회장)
- 다케다 빌딩 위치 (후반 이틀간 회장)
컨퍼런스 시간표
주의: 이 페이지는 상세 정보가 들어올 때 마다 업데이트됩니다.
1일째 (2007년 3월 8일) - 튜토리얼과 소규모 미팅 I
룸 A | 룸 B | 룸 C | 룸 D | |
---|---|---|---|---|
오전 | 튜토리얼 T1A: "An Introduction to the FreeBSD Open-Source Operating System" Marshall Kirk McKusick, PhD (종일) |
튜토리얼 T1B: "Building Clusters With FreeBSD" Brooks Davis (brooks at FreeBSD.org) (반나절) |
미정 | 미정 |
오후 | 튜토리얼 T2B: "FreeBSD Security Features" Robert N M Watson (rwatson at FreeBSD.org) (반나절) | 미정 | 미정 |
2일째 (2007년 3월 9일) - 튜토리얼과 소규모 미팅 II
룸 A | 룸 B | 룸 C | 룸 D | |
---|---|---|---|---|
오전 | 미정 | 튜토리얼 T3B: "Firewalling with OpenBSD's PF packet filter" Peter N. M. Hansteen (peter at bgnett.no) (반나절) |
튜토리얼 T3C: "Development Technique for BSD Embedded Systems" (in Japanese only) Shozo Takeoka (take at axe-inc.co.jp) (반나절) |
미정 |
오후 | 미정 | 튜토리얼 T4B: "Advanced PF Rulesets" Ryan McBride (mcbride at openbsd.org) (반나절) |
Meeting M4C: NetBSD Discussion 사회: Masao Uebayashi (uebayasi at gmail.com) |
미정 |
저녁 | 미정 | 미정 | 미정 | Meeting M5D: FreeBSD Night 사회: IKEGAMI Akiko (gami at hadashi.org) |
3일째 (2007년 3월 10일) - 논문 세션 I(단일 트랙)
09:00 - 09:10 | 개회사 |
---|---|
09:10 - 10:10 | P1: A NetBSD-based IPv6 NEMO Mobile Router Jean Lorchat, Koshiro Mitsuya, Romain Kuntz (Keio University, Japan) |
10:10 - 11:10 | P2: Reflections on Building a High Performance Computing Cluster Using FreeBSD Brooks Davis (The Aerospace Corporation/brooks at FreeBSD.org, USA) |
11:10 - 12:10 | 점심 |
12:10 - 13:10 | P3: Support for Radio Clocks in OpenBSD Marc Balmer (mbalmer at openbsd.org, Switzerland) |
13:10 - 14:10 | P4: puffs - Pass to Userspace Framework File System Antti Kantee (Helsinki University of Technology, Finland) |
14:10 - 14:25 | 휴식 |
14:25 - 15:25 | P5: An ISP Perspective, jail(8) Virtual Private Servers Isaac Levy (NYC*BUG/LESMUUG, USA) |
15:25 - 16:25 | P6: Nsswitch Development: Nss-modules and libc Separation and Caching Michael A Bushkov (Southern Federal University/bushman at FreeBSD.org, Russia) |
16:25 - 16:40 | 휴식 |
16:40 - 17:40 | P7: OpenBSD as a Development Platform Ryan McBride (mcbride at openbsd.org, Japan) |
17:40 - 18:40 | P8: How the FreeBSD Project Works Robert N M Watson (University of Cambridge/rwatson at FreeBSD.org, United Kingdom) |
18:40 - 18:50 | 휴식 |
18:50 - 19:50 | Invited Talk (I1): The Internet for BSD, BSD for the Internet Prof. Jun Murai (Keio University, Japan) |
20:00 - 21:30 | 연회 |
4일째 (2007년 3월 11일) - 논문 세션 II (단일 트랙)
09:00 - 10:00 | P9: OpenBSD Network Randomness Injection: Further Improvements Ryan McBride (mcbride at openbsd.org, Japan) |
---|---|
10:00 - 11:00 | P10: SHISA: The Mobile IPv6/NEMO BS Stack Implementation Current Status Keiichi Shima (Internet Initiative Japan Inc., Japan), Koshiro Mitsuya, Ryuji Wakikawa (Keio University, Japan), Tsuyoshi Momose (NEC Corporation, Japan), Keisuke Uehara (Keio University, Japan) |
11:00 - 12:00 | 점심 |
12:00 - 13:00 | Invited Talk (I2): A Narrative History of BSD Marshall Kirk McKusick, PhD (USA) |
13:00 - 13:10 | 휴식 |
13:10 - 14:10 | P11: Bluffs: BSD Logging Updated Fast File System Stephan Uphoff (Yahoo!, Inc./ups at FreeBSD.org, USA) |
14:10 - 15:10 | P12: Implementation and Evaluation of the Dual Stack Mobile IPv6 Koshiro Mitsuya, Ryuji Wakikawa, Jun Murai (Keio University, Japan) |
15:10 - 15:25 | 휴식 |
15:25 - 16:25 | P13: Recent Improvements in OpenBSD's IPsec Support Mathieu Sauve-Frankel (msf at openbsd.org, Japan) |
16:25 - 17:25 | P14: SCTP Introduction Randall R. Stewart (Cisco Systems) |
17:25 - 17:40 | 휴식 |
17:40 - 18:40 | P15: Security Measures in OpenSSH Damien Miller (djm at openbsd.org, Australia) |
18:40 - 19:40 | P16: Porting the ZFS File System to the FreeBSD Operating System Pawel Jakub Dawidek (pjd at FreeBSD.org, Poland) |
19:50 - 21:30 | 석식 |
초청강연
I1: The Internet for BSD, BSD for the Internet
- 요약:
- (예정)
- 강사:
- Prof. Jun Murai, a Professor, Faculty of Environmental Information, Keio University since April 1997, a Vice-President of Keio University since May 2005, the general chairperson of WIDE Project, chair of AI3 Project, and director of SOI Asia Project.
I2: A Narrative History of BSD
- 요약:
- Learn the history of the BSD (Berkeley Software Distributions) from one of the key developers who brings the history to life complete with anecdotes and interesting footnotes to the historical narrative.
It begins with the start of the BSD community at the University of California at Berkeley in the late 1970's. It relates the triumphs and defeats of the project and its releases during its heydays in the 1980s. The Berkeley era concludes with the tumultuous lawsuit ultimately settled in Berkeley's favor which allowed the final release in 1992 of 4.4BSD-Lite, an open-source version of BSD. The talk concludes with a brief commentary on the FreeBSD, NetBSD, OpenBSD, Darwin, and Dragonfly projects that took their genesis from the release of 4.4BSD-Lite. - 강사:
- Dr. Marshall Kirk McKusick writes books and articles, consults, and teaches classes on UNIX- and BSD-related subjects. For the past ten years he has been a developer and commiter to the FreeBSD Project. His particular areas of interest are the virtual-memory system and the filesystem. While at the University of California at Berkeley, he implemented the 4.2BSD fast file system, and was the Research Computer Scientist at the Berkeley Computer Systems Research Group (CSRG) overseeing the development and release of 4.3BSD and 4.4BSD. He earned his undergraduate degree in Electrical Engineering from Cornell University, and did his graduate work at the University of California at Berkeley, where he received Masters degrees in Computer Science and Business Administration, and a doctoral degree in Computer Science. He is a past president of the Usenix Association, is on the editorial board of ACM's Queue magazine, and is a member of ACM and IEEE.
튜토리얼
T1A: An Introduction to the FreeBSD Open-Source Operating System
- 요약:
- This course will provide a firm background in the FreeBSD kernel. The course will cover basic kernel services, process structure, the
FreeBSD jail facility for hosting virtual machines, scheduling, signal handling, and virtual and physical memory management. The kernel I/O structure will be described showing how I/O is multiplexed, special devices are handled, and the filesystem buffers are managed. The implementation of the filesystem and its capabilities including soft updates and snapshots will be described. The filesystem interface will then be generalized to show how to support multiple filesystem types. The course will also cover the FreeBSD socket-based network architecture, layering and implementation. The socket communications primitives and internal layering will be discussed, with emphasis on the interfaces between the layers. A discussion of routing issues will be included. The presentations will emphasize code organization, data structure navigation, and algorithms. It will not cover the machine specific parts of the system such as device drivers.
Course Text: Marshall Kirk McKusick and George V. Neville-Neil, ``The Designand Implementation of the FreeBSD Operating System'', Addison-Wesley Publishing Company, Reading, Massachusetts, 2005, 720 pages. - 강사:
- Dr. Marshall Kirk McKusick writes books and articles, consults, and teaches classes on UNIX- and BSD-related subjects. For the past ten years he has been a developer and commiter to the FreeBSD Project. His particular areas of interest are the virtual-memory system and the filesystem. While at the University of California at Berkeley, he implemented the 4.2BSD fast file system, and was the Research Computer Scientist at the Berkeley Computer Systems Research Group (CSRG) overseeing the development and release of 4.3BSD and 4.4BSD. He earned his undergraduate degree in Electrical Engineering from Cornell University, and did his graduate work at the University of California at Berkeley, where he received Masters degrees in Computer Science and Business Administration, and a doctoral degree in Computer Science. He is a past president of the Usenix Association, is on the editorial board of ACM's Queue magazine, and is a member of ACM and IEEE.
T1B: Building Clusters With FreeBSD
- 요약:
- This tutorial will be composed of two somewhat intertwined parts. The first part will be a updated and extended version of the talk on cluster architecture considerations I gave at BSDCon 2003 based on several more years of experience. The idea is to hit the major design points cluster builders need to address. This part is platform neutral.
The second part will be a detailed overview of the FreeBSD features I've used to build and manage my cluster. In particular diskless booting, useful ports, and some specifics of configuring Sun Grid Engine and Ganglia. - 강사:
- Brooks Davis is a Senior Member of Technical Staff in the High Performance Computing Section if the Computer Systems Research Department at The Aerospace Corporation. He has been a FreeBSD user since 1994, a FreeBSD committer since 2001, and a core team member since 2006. He earned a Bachelors Degree in Computer Science from Harvey Mudd College in 1998. His computing interests include high performance computing, networking, security, mobility, and, of course, finding ways to use FreeBSD in all these areas. When not computing, he enjoys reading, cooking, brewing and pounding on red-hot iron in his garage blacksmith shop.
T2B: FreeBSD Security Features
- 요약:
- FreeBSD system administrators are familiar with the UNIX security model: users, groups, and file permissions. However, security for UNIX systems has been one of the most active areas of OS research and development over the last ten years, leading to dozens of new features in FreeBSD between FreeBSD 4.x and FreeBSD 6.x. This tutorial will provide a tour of some of the new FreeBSD security features, describing where they may be useful and how to use them. Topics covered include Access Control Lists (ACLs), Security Event Auditing, and several system hardening techniques based on the TrustedBSD MAC Framework. The presenter offers a unique perspective as the designer or implementor of several of these features.
- 강사:
- Robert N M Watson is a researcher at the University of Cambridge Computer Laboratory investinging operating system and network security. Prior to joining the Computer Laboratory to work on a PhD, he was Senior Principal Scientist at McAfee Research, now SPARTA ISSO, a leading security research and development organization, directing government and commercial research contracts for customers that include DARPA, the US Navy, and Apple Computer. His research interests include operating system security, network stack structure and performance, and windowing system structure. He is also a member of the FreeBSD Core Team and president of the FreeBSD Foundation.
T3B: Firewalling with OpenBSD's PF packet filter
- 요약:
- This tutorial is for aspiring or seasoned network professionals with at least a basic knowledge of networking in general and TCP/IP particular. Aims at teaching tools and techniques to make sure your network works the way it's supposed to, keeping you in charge. Central to the toolbox is the OpenBSD PF packet filter. Whether you are a greybeard looking for ways to optimize your setups or a greenhorn just starting out, this session will give you valuable pointers to how you build the network you need. The session will also offer some insight in the subtle but important changes to be introduced to PF in the upcoming OpenBSD 4.1 version.
- 강사:
- Peter N. M. Hansteen is a consultant, writer and sysadmin based in Bergen, Norway. He has been tinkering with computers since the mid 1980s, mainly while working to document how the systems work and why they don't, in English as well as his native Norwegian. In 1991 he co-founded Datadokumentasjon AS, a documentation and localization company where he is still chairman and senior consultant. Peter rediscovered Unixes about the time 386BSD appeared. After a few years on Linux, which included participation in the RFC1149 implementation (2001), he eventually migrated all important bits to FreeBSD and OpenBSD. A long time freenix advocate, he is a member of the BLUG (Bergen (BSD and) Linux User Group) core group and current vice president of NUUG (the Norwegian Unix User Group). During recent years a frequent lecturer and tutor with emphasis on FreeBSD and OpenBSD topics, he is now working on a book on building the network you need using free tools, mainly BSD ones.
T3C: Development Technique for BSD Embedded Systems" (in Japanese only)
- 요약:
- This tutorial will provide various technique for embedded BSD systems. The talk consists of two parts: the first half covers hardware requirements, configuration tips, HDD-less BSD, and basic procedure of porting BSD to a not-yet-supported CPU architecture. The another half convers the instractor's real-life experiences on porting BSD and developing embedded systems such as issues on non-x86 systems and how to make it without documentation. The talk itself will not be BSD flavor specific, but most of the examples are based on NetBSD.
이 튜토리얼은 일본어로 진행됩니다. - 강사:
- Shozo Takeoka is the president of AXE, Inc. He worked on development of Wnn (Kana-Kanji conversion software) and X Window terminals in 1980s as well as operating system design for X Window terminals and TCP/IP protocol software, and then worked on LSI hardware and software design of 1024PE-class parallel computer. In 1992 he founded AXE, Inc. and developed a embedded-system-friendly microkernel called XTAL. XTAL has been adopted by Zaurus series (PDA by Sharp Corporation), digital cameras by Olympus Corporation, and 6Mbps IP communication system for satellite. He is now working on BSD/Linux embedded system and real-time system along with his company's management. AXE, Inc.'s anchor products are middleware for cellular phones, embedded BSD, embedded Linux, and so on, and it provides them to vendors of network equipment, home electric appliance, and digital camera.
T4B: Advanced PF Rulesets
- 요약:
- (예정)
- 강사:
- Ryan McBride (mcbride at openbsd.org)
Small Meeting
M4C: NetBSD Discussion
- 요약:
- Talk about NetBSD and related topics.
- 사회:
- Masao Uebayashi (uebayasi at gmail.com)
M5D: FreeBSD Night
- 요약:
- This is a small meeting to talk turkey about FreeBSD among FreeBSD users in Japanese and English. No specific agenda planned but enjoy cozy gathering!
- 사회:
- IKEGAMI Akiko (gami at hadashi.org)
논문
P1: A NetBSD-based IPv6 NEMO Mobile Router
- 저자:
- Jean Lorchat, Koshiro Mitsuya, Romain Kuntz (Keio University, Japan)
- 초록:
- This paper defines the problem statement of vehicle-embedded networking in order to communicate with the infrastructure (the Internet) as well as with other cars. Based on this problem statement, we explain the steps that allowed us to build a mobile router addressing this problem by using state of the art software. This software includes the NetBSD-current kernel and networking code developed by the Japan-based WIDE project working groups: the K오전E IPv6 stack with SHISA extensions for Mobile IPv6 (MIPv6) and Network Mobility (NEMO) support, and the Zebra-based OLSR daemon with IPv6 extensions allowing for a Mobile Ad Hoc Networks (MANET) and NThis paper defines the problem statement of vehicle-embedded networking in order to communicate with the infrastructure (the Internet) as well as with other cars. Based on this problem statement, we explain the steps that allowed us to build a mobile router addressing this problem by using state of the art software. This software includes the NetBSD-current kernel and networking code developed by the Japan-based WIDE project working groups: the K오전E IPv6 stack with SHISA extensions for Mobile IPv6 (MIPv6) and Network Mobility (NEMO) support, and the Zebra-based OLSR daemon with IPv6 extensions allowing for a Mobile Ad Hoc Networks (MANET) and NEMO cooperation, also known as MANEMO.
P2: Reflections on Building a High Performance Computing Cluster Using FreeBSD
- 저자:
- Brooks Davis (The Aerospace Corporation/brooks at FreeBSD.org, USA)
- 초록:
- Since late 2000 we have developed and maintained a general purpose technical and scientific computing cluster running the FreeBSD operating system. In that time we have grown from a cluster of 8 dual Intel Pentium III systems to our current mix of 64 dual Intel Xeon and 289 dual 오전D Opteron systems. This paper looks back on the system architecture as documented in our BSDCon 2003 paper "Building a High-performance Computing Cluster Using FreeBSD" and our changes since that time. After a brief overview of the current cluster we revisit the architectural decisions in that paper and reflect on their long term success. We then discuss lessons learned in the process. Finally, we conclude with thoughts on future cluster expansion and designs.
P3: Support for Radio Clocks in OpenBSD
- 저자:
- Marc Balmer (mbalmer at openbsd.org, Switzerland)
- 초록:
- Every computer is equipped with at least a clock chip or a general purpose device to provide a timer function. While these timers are certainly precise enough for measuring relatively short periods of time, they are not well suited for keeping the correct time and date over a longer period, since almost every chip drifts by a few seconds per day. Even so called real-time clocks only approximately meet the real time.
External time sources can be used to synchronize the local clock with a much more precise time information. Time signals are disseminated over various systems, the best known are the US american GPS (Global Positioning System) and time signal stations. Time signal stations are available in many countries, they transmit time information over long-wave radio signals; while the coding schemes vary from time signal station to time signal station, the decoding principles are similar.
This paper is a detailed description of my work over the last twelve months to add support for both, GPS and time signal stations, to OpenBSD in a novel way and how these new time related drivers interact with the operating system and applications like OpenNTPD that make use of external time sources.
The paper outlines the general problems of setting a computers clock at runtime, then gives an overview about time signal stations, how they work and what codes they use (detailing the German DCF77 and the Swiss HBG station, and also the Japanese time signal stations); it will then outline how GPS systems can deliver time information to a computer and which precision can be expected. It will then discuss how time is handled in OpenBSD (which is different to most other operating systems) and describe the OpenBSDs own NTP implementation OpenNTPD.
The functionality of the new time related drivers in OpenBSD, udcf(4), nmea(4) and mbg(4) and how they interact with the system is explained. Implementation details of the new drivers are given espcially how time signal stations can be decoded with relatively simple receivers using an elegant algorithm.
P4: puffs - Pass to Userspace Framework File System
- 저자:
- Antti Kantee (Helsinki University of Technology, Finland)
- 초록:
- Fault tolerant and secure operating systems are a worthwhile goal. A known method for accomplishing fault tolerance and security is isolation. This means running separate operating system services in separate protection domains so that they cannot interfere with each other, and can communicate only via well-defined messaging interfaces. Isolation and message passing brings inherent overhead when compared to services doing communication by accessing each others memory directly. To address this, the ultimate goal would be to be able to run the kernel subsystems in separate domains during development and testing, but have a drop-in availability to make them run in kernel mode for performance critical application scenarios. Still today, most operating systems are written purely with C and some assembly using the monolithic kernel approach, where all operating system code runs within a single protection domain. A single error in any subsystem can bring the whole operating system down. This work presents puffs?- the Pass-to-Userspace Framework File System - shipped with the NetBSD Operating System. It is a framework for implementing file systems outside of the kernel in a separate protection domain in a user process. The implementation is discussed in-depth for a kernel programmer audience. The benefits in implementation simplicity and increased security and fault tolerance are argued to outweigh the measured overhead when compared with a classic in-kernel file system. A concrete result of the work is a completely BSD-licensed sshfs implementation.
P5: An ISP Perspective, jail(8) Virtual Private Servers
- 저자:
- Isaac Levy (NYC*BUG/LESMUUG, USA)
- 초록:
- The jail(8) subsystem in FreeBSD is well known to be the most secure and durable option for Virtualized UNIX systems for users, building on the timeless methodology which defines UNIX itself. This presentation aims to share real-world experiences running massively jailed systems, from a ISP perspective.
This material is divided into three major components:
1) Real-world threat models, mutually untrusted users - Social concerns, establishing user expectations
2) Applying trusted technologies to meet user expectations - Examples of timeless methodolgy in computing
3) Scaling: deployment and long-term management practice, practical successes and failures
P6: Nsswitch Development: Nss-modules and libc Separation and Caching
- 저자:
- Michael A Bushkov (Southern Federal University/bushman at FreeBSD.org, Russia)
- 초록:
- The work, described in this paper, was made during and after the Google Summer Of Code 2006, which I was lucky to participate in. It is not yet committed to the -CURRENT, but I hope it to be finally reviewed and committed in the nearest future.
Nss-modules and libc separation. The idea of nss-modules and libc separation is quite straight-forward: we should make several dynamic libraries (nss_files, nss_dns, nss_compat, nss_nis) and move appropriate code from libc to them.
P7: OpenBSD as a Development Platform
- 저자:
- Ryan McBride (mcbride at openbsd.org, Japan)
- 초록:
- OpenBSD is well known for it's "Secure by Default" policy, but the OpenBSD project's official goals centre more around the concerns of developers. Providing correct code, tools, and documentation is the true goal of the project, and it's security approach is a result of this pursuit of quality. Created for and by developers, OpenBSD provides an ideal environment for developing and testing 3rd party applications, even when OpenBSD is not the end-target platform.
This paper provides an overview of these technologies, including the toolchain modifications that can help identify potential problems during the coding process, and runtime environment modifications that help to identify issues during testing. It will also touch on the some of the other developper-friendly aspects of OpenBSD, including the clean, minimal base environment, uncompromising source code licensing policy, and clear, comprehensive documentation. Finally, it will cover issues around porting software to and from OpenBSD.
P8: How the FreeBSD Project Works
- 저자:
- Robert N M Watson (University of Cambridge/rwatson at FreeBSD.org, United Kingdom)
- 초록:
- The FreeBSD Project is one of the oldest and most successful open source operating system projects, seeing wide deployment across the IT industry. From the root name servers, to top tier ISPs, to core router operating systems, to firewalls, to embedded appliances, you can't use a networked computer for ten minutes without using FreeBSD dozens of times. Part of FreeBSD's reputation fo r quality and reliability comes from the nature of its development organization-driven by a hundreds of highly skilled volunteers, from high school students to university professors. And unlike most open source projects, the FreeBSD Project has developers who have been working on the same source base for over twenty years. But how does this organization work? Who pays the bandwidth bills, runs the web servers, writes the documentation, writes the code, and calls the shots? And how can developers in a dozen time zones reach agreement on the time of day, let alone a kernel architecture? This presentation will attempt to provide, in 45 minutes, a brief if entertaining snapshot into what makes FreeBSD run.
P9: OpenBSD Network Randomness Injection: Further Improvements
- 저자:
- Ryan McBride (mcbride at openbsd.org, Japan)
- 초록:
- Poorly specified or poorly implemented protocols often contain fields for which the value is essentially arbitrary, but can be guessed by an attacker in order to perform a spoofing attack, or leak information about the system which provided the data. By using random or strong pseudo-random data for these fields, many protocol attacks can be prevented or made impractical, and information leakage can be minimised.
The OpenBSD project has been very aggressive in its use of pseudo-random data in its network code; as a policy pseudo-random data is used in protocol fields wherever possible, in many cases in a way not envisioned by the protocol designers. Randomness used within protocols explicitly for security purposes (such as randomness in IPSec, ssh, kerberos, etc) is not discussed - the interest is in randomness which is not intended by the protocol designers.
Building on previous work, this paper outlines the reasons for this approach, discusses how and where it is implemented in OpenBSD, and provides examples of attacks which this approach has mitigated. Active development of routing daemons in OpenBSD has highlighted some issues with the OSPF and RIP MD5 authentication mechanisms, OpenBSD's approach to dealing with these protocols will be discussed in detail; The paper also addresses issues that aggressive inclusion of rseudo-random data causes in certain corner cases, and discusses the work that is being done to mitigate the problem without sacrificing the security benefits.
P10: SHISA: The Mobile IPv6/NEMO BS Stack Implementation Current Status
- 저자:
- Keiichi Shima (Internet Initiative Japan Inc., Japan), Koshiro Mitsuya, Ryuji Wakikawa (Keio University, Japan), Tsuyoshi Momose (NEC Corporation, Japan), Keisuke Uehara (Keio University, Japan)
- 초록:
- Mobile IPv6 and Network Mobility Basic Support (NEMO BS) are the IETF standard mobility protocols for IPv6. We implemented the protocol stack `SHISA' that provides these protocol functions. The protocol stack supports most of the described features in these mobility protocol specifications and has high level interoperability. We are now focusing to adapt the developed code to fit the latest BSD source tree. In this paper we explain the detailed implementation design of the stack and current status of the porting work.
P11: Bluffs: BSD Logging Updated Fast File System
- 저자:
- Stephan Uphoff (Yahoo!, Inc./ups at FreeBSD.org, USA)
- 초록:
- This paper introduces Bluffs, a journaling file system that is mostly compatible with the Fast File System (FFS) on disk structure. The FFS has been successfully used for a long time. However increased disk capacities have made the classic crash recovery using a file system checker (fsck) a prohibitively time expensive operation. Soft Updates [4] and background fsck were introduced to combat the problem but added code complexity to FFS. Bluffs goal is to replace FFS by providing the same functionality as FFS with better error recovery and a fresh simple code structure. Allowing bidirectional migration of file systems between FFS and Bluffs format should make transitioning easier, provides file system checker tools to Bluffs and allows booting with the standard bootstrap loaders.
P12: Implementation and Evaluation of the Dual Stack Mobile IPv6
- 저자:
- Koshiro Mitsuya, Ryuji Wakikawa, Jun Murai (Keio University, Japan)
- 초록:
- The IETF Dual Stack Mobile IPv6 (DSMIPv6) specification extends Mobile IPv6 capabilities to support IPv4 care-of address and to carry IPv4 traffic via bi-directional tunnels between mobile nodes and their home agents. Using DSMIPv6, mobile nodes only need the Mobile IPv6 protocol to manage mobility while moving within both the IPv4 and IPv6 Internet. This is the important feature for IPv6 mobility during its deployment phase. This paper describes the DSMIPv6 implementation on BSD operating systems.
P13: Recent Improvements in OpenBSD's IPsec Support
- 저자:
- Mathieu Sauve-Frankel (msf at openbsd.org, Japan)
- 초록:
- During the last two years there has been a renewed interest in improving the IPsec tools shipped with OpenBSD. This paper provides an overview of newly implemented features and tools as well as expand on ongoing work and future directions.
P14: SCTP Introduction
- 저자:
- Randall R. Stewart (Cisco Systems)
- 초록:
- Stream Control Transmission Protocol (SCTP) is an innovative new transport protocol standardized by the IETF in October, 2000. It has recently been added to FreeBSD Current and is available for MAC OSX and NetBSD as well. This talk will first introduce the attendee to some of the unique features of SCTP, contrasting it with TCP. The second half of the talk will discuss the socket API and how it can be used to interact with SCTP.
Two distinct socket models can be used with SCTP depending upon application needs. We will discuss these models as well as socket API extensions that have been defined to ease access to some of SCTPs extended features.
P15: Security Measures in OpenSSH
- 저자:
- Damien Miller (djm at openbsd.org, Australia)
- 초록:
- This paper examines several security measures that have been implemented in OpenSSH. OpenSSH's popularity, and the necessity for the server to wield root privileges, have made it a high-value target for attack. Despite initial and ongoing code audits, OpenSSH has suffered from a number of security vulnerabilities over its 7.5 year life. This has prompted the developers to implement several defensive measures, intended to reduce both the likelihood of exploitable errors and the consequences of exploitation should they occur. This paper examines these defensive measures; each measure is described and assessed for implementation effort, attack surface reduction, effectiveness in preventing or mitigating attacks, applicability to other network software and possible improvements.
P16: Porting the ZFS File System to the FreeBSD Operating System
- 저자:
- Pawel Jakub Dawidek (pjd at FreeBSD.org, Poland)
- 초록:
- I'd like to present my work on porting ZFS file system to the FreeBSD operating system. I'll start from introducing ZFS and its great features, then I'll describe my porting efforts, status of my work and technics I used to do the work. While doing presentation I'd like to demonstrate working ZFS on FreeBSD.