DocumentCode
2897909
Title
Secure Signaling in Next Generation Networks with NSIS
Author
Bless, Roland ; Rohricht, Martin
Author_Institution
Inst. of Telematics, Univ. Karlsruhe (TH), Karlsruhe, Germany
fYear
2009
fDate
14-18 June 2009
Firstpage
1
Lastpage
6
Abstract
The IETF working group next steps in signaling (NSIS) develops signaling protocols for quality-of-service (QoS) reservations or dynamic NAT and firewall (NAT/FW) configuration. QoS signaling allows for on-demand resource reservations in order to provide guaranteed quality-of-service for real-time oriented services in IP-based next generation networks whereas NAT/FW signaling allows for establishing pinholes in firewalls or bindings in NAT devices. QoS signaling must be secured to allow for a reliable accounting and NAT/FW configuration is a sensitive operation per se. This paper presents an approach that provides an integrity protection of NSLP signaling messages by extending an NSLP session authorization object. A worked example for secure QoS signaling in a Kerberos-secured domain is given.
Keywords
IP networks; quality of service; signalling protocols; IETF working group; IP-based next generation network; NAT/FW signaling; NSLP session authorization object; firewall; network signalling; on-demand resource reservation; protection integrity; quality-of-service reservation; signaling protocol; Admission control; Authorization; Communications Society; Network address translation; Next generation networking; Proposals; Protection; Protocols; Quality of service; Streaming media;
fLanguage
English
Publisher
ieee
Conference_Titel
Communications, 2009. ICC '09. IEEE International Conference on
Conference_Location
Dresden
ISSN
1938-1883
Print_ISBN
978-1-4244-3435-0
Electronic_ISBN
1938-1883
Type
conf
DOI
10.1109/ICC.2009.5199441
Filename
5199441
Link To Document