Client / Server Correlation Values


Client / Server Correlation Values Anthony Berglas

Revision History
- Logging spec note – Sue G
- Renamed Client/Server to Request/Response for notify/put – Bruce R
- Repeat Request Correlation in response – Bruce R
- Addressed Unique Batch Item ID, Asynchronous Correlation Value, Batch Order Option – David F
- Request Globally Unique identifier note – Mark J

Customer Requirement
- Need to be able to include client context in server logs
  - E.g. Which storage device is being processed?
- Need to be able to store server context in client logs
  - So can ask server administrator "What went wrong with request s739c983nf?"
- Would like globally unique request identifier
- Good logging is essential for security and usability
- (Actual logging not part of the specification)

Proposed Solution
- Add Request Correlation as a simple string in request header
- Add Response Correlation as a simple string in response header
  - Plus MUST include Request Correlation if provided
- Server should log Request Correlation value
- Server should be able to identify log record using Response Correlation value
- (Vice versa for server to client.)
- Usage Guide warns not to include content useful to an attacker

Example Request

    <RequestMessage>
      <RequestHeader>
        <ProtocolVersion> … </ProtocolVersion>
        <BatchCount type="Integer" value="1"/>
        <RequestCorrelation type="TextString" value="sid=s348sa3d"/>
      </RequestHeader>
      …

Example Response

    <ResponseMessage>
      <ResponseHeader>
        <ProtocolVersion> … </ProtocolVersion>
        <TimeStamp type="DateTime" value="2012-04-27T08:14:42+00:00"/>
        <BatchCount type="Integer" value="1"/>
        <RequestCorrelation type="TextString" value="sid=s348sa3d"/>
        <ResponseCorrelation type="TextString" value="s34:d8a8g7fd900a9d"/>
      </ResponseHeader>
      …
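A sketch of the server side of the exchange above, added here as an illustration and not taken from the slides or from the KMIP specification: it repeats the Request Correlation in the response header, issues an opaque random Response Correlation, and writes one log line that ties the two together. The `server_id` prefix, the 64-character cap, the allow-list applied before logging, the rejection of DTDs, and the header reduced to the two correlation fields are all assumptions of this example.

```python
import logging
import re
import secrets
import xml.etree.ElementTree as ET

log = logging.getLogger("kmip.server")          # hypothetical logger name
MAX_LEN = 64                                    # assumed cap, not from the slides
UNSAFE = re.compile(r"[^A-Za-z0-9=:._-]")       # assumed allow-list for log text

# Constructed sample requests, reduced to the header fields used here.
REQ_OK = ('<RequestMessage><RequestHeader>'
          '<RequestCorrelation type="TextString" value="sid=s348sa3d"/>'
          '</RequestHeader></RequestMessage>')
REQ_FORGED = REQ_OK.replace("sid=s348sa3d", "sid=x&#10;resp_corr=forged")
REQ_NONE = "<RequestMessage><RequestHeader/></RequestMessage>"


def sanitize(value):
    """Make a client-supplied correlation string safe for one log line."""
    return UNSAFE.sub("?", value[:MAX_LEN])


def handle(request_xml, server_id="s34"):
    """Return (response_header_xml, log_line) for one request message."""
    if "<!" in request_xml:                     # no DTDs or entity declarations
        raise ValueError("DTD not accepted")
    header = ET.fromstring(request_xml).find("RequestHeader")
    if header is None:
        raise ValueError("missing RequestHeader")
    elem = header.find("RequestCorrelation")
    req_corr = elem.get("value") if elem is not None else None

    # Random and opaque: it locates the server log record and nothing more.
    resp_corr = f"{server_id}:{secrets.token_hex(8)}"

    resp = ET.Element("ResponseHeader")
    if req_corr is not None:                    # repeated verbatim when provided
        ET.SubElement(resp, "RequestCorrelation",
                      type="TextString", value=req_corr)
    ET.SubElement(resp, "ResponseCorrelation",
                  type="TextString", value=resp_corr)

    logged = sanitize(req_corr) if req_corr is not None else "-"
    line = f"resp_corr={resp_corr} req_corr={logged}"
    log.info(line)
    return ET.tostring(resp, encoding="unicode"), line
```

The client still receives its own value back unchanged; only the copy written to the server log is cleaned, so a client-supplied line break cannot start a second, forged log record.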

Alternatives
- Use Unique Batch Item Id
  - Current implementations only unique within a batch – 0, 1, 2
  - Changing the interpretation of an existing field bad
- Use Asynchronous Correlation Value
  - Again, a changed meaning to an existing field

Conclusion
- Very simple additions
- Enhance logging and analysis capabilities
- Important information for forensic analysis
- Very helpful information for diagnosing issues