Opened 4 years ago

Last modified 4 years ago

#10711 new project

Flashproxy security models and resource management

Reported by: infinity0 Owned by: dcf
Priority: Medium Milestone:
Component: Archived/Flashproxy Version:
Severity: Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description (last modified by infinity0)

This is the parent ticket for flashproxy security models and resource management. Other concerns like operational / implementation security should go elsewhere.

The flashproxy system consists of 4 types of entities: client, proxy, facilitator, and server.

The facilitator is a trusted entity, but clients and proxies may be malicious. The servers are actually unaware of the rest of the system, and their security considerations are identical to that of other non-flashproxy PT servers. (Indeed, the code for it is in a separate repository and looks more like a plain PT server).

So, we can group the issues that concern us into three distinct cases:

  • from the proxy's POV, dealing with malicious clients
  • from the client's POV, dealing with malicious proxies
  • from the facilitator's POV, dealing with malicious clients and/or proxies.

The original flashproxy paper contains some attacks; we can explore this area further and form a threat model to address.

Child Tickets

TicketStatusOwnerSummaryComponent
#5426newdcfFacilitator: remember client registrationsArchived/Flashproxy
#7823needs_reviewdcfRate-limit facilitator interactionArchived/Flashproxy
#7945newdcfModify facilitator to hand out multiple relays.Archived/Flashproxy
#8172newdcfAdjust proxy polling interval to maintain desired level of serviceArchived/Flashproxy
#9949newdcfhave each fp client register at multiple custom facilitatorsArchived/Flashproxy
#9964newdcfclient registrations should expireArchived/Flashproxy

Change History (1)

comment:1 Changed 4 years ago by infinity0

Description: modified (diff)
Summary: Flashproxy security issuesFlashproxy security models and resource management

re-wording the description to clearly reduce the scope, which is what I originally meant

Note: See TracTickets for help on using tickets.