Title :
Behavior-Based Policies for Preserving Confidentiality in PCE-based Multi-domain MPLS Networks
Author :
Gharbaoui, Molka ; Paolucci, Francesco ; Martini, Barbara ; Cugini, Filippo ; Castoldi, Piero
Author_Institution :
Scuola Superiore Sant´´Anna, Pisa, Italy
Abstract :
Inter-domain path computations under the responsibility of cooperative Path Computation Elements (PCEs) guarantee effective network resource utilization and provide a basic level of information confidentiality. However, malicious PCEs belonging to different domains might misbehave by sending sequences of bogus requests and taking advantage of their interdependence to discover confidential information. In this work, we propose the use of XACML policies in order to avoid malicious utilizations of PCEP procedures and preserve confidentiality across domains. Policies are based on the analysis of the behavior of PCEP peers and the possible correlations among requests from which they might get access to private information.
Keywords :
XML; multiprotocol label switching; telecommunication computing; telecommunication security; PCE-based multidomain MPLS networks; PCEP malicious utilizations; XACML policies; behavior-based policies; bogus requests; cooperative path computation elements; information confidentiality; interdomain path computations; Authorization; Bandwidth; Computer architecture; Databases; Measurement; Multiprotocol label switching; Confidentiality; PCE; Policies; XACML;
Conference_Titel :
Policies for Distributed Systems and Networks (POLICY), 2011 IEEE International Symposium on
Conference_Location :
Pisa
Print_ISBN :
978-1-4244-9879-6
Electronic_ISBN :
978-0-7695-4330-7
DOI :
10.1109/POLICY.2011.15
