Midpoints versus Endpoints: From Protocols to Firewalls

Diana von Bidder, David Basin, and Germano Caronni

Abstract

Today's protocol specifications only define the behaviour of principals representing communication endpoints. But in addition to endpoints, networks contain midpoints, which are machines that observe or filter traffic between endpoints. In this paper, we explain why midpoints should handle protocols differently from endpoints and thus why midpoint specifications are needed. With a case study, using the TCP protocol and three different firewalls as midpoints, we illustrate the consequences of the current lack of protocol specifications for midpoints, namely that the same protocol is implemented differently by the different firewalls. We then propose a solution to the problem: we give an algorithm that generates a midpoint automaton from specifications of endpoint automata. We prove that the resulting midpoint automata are correct in that they forward only those messages that could have resulted from protocol-conform endpoints. Finally, we illustrate the algorithm on the TCP protocol.