Title :
Secure Signaling in Next Generation Networks with NSIS
Author :
Bless, Roland ; Rohricht, Martin
Author_Institution :
Inst. of Telematics, Univ. Karlsruhe (TH), Karlsruhe, Germany
Abstract :
The IETF working group next steps in signaling (NSIS) develops signaling protocols for quality-of-service (QoS) reservations or dynamic NAT and firewall (NAT/FW) configuration. QoS signaling allows for on-demand resource reservations in order to provide guaranteed quality-of-service for real-time oriented services in IP-based next generation networks whereas NAT/FW signaling allows for establishing pinholes in firewalls or bindings in NAT devices. QoS signaling must be secured to allow for a reliable accounting and NAT/FW configuration is a sensitive operation per se. This paper presents an approach that provides an integrity protection of NSLP signaling messages by extending an NSLP session authorization object. A worked example for secure QoS signaling in a Kerberos-secured domain is given.
Keywords :
IP networks; quality of service; signalling protocols; IETF working group; IP-based next generation network; NAT/FW signaling; NSLP session authorization object; firewall; network signalling; on-demand resource reservation; protection integrity; quality-of-service reservation; signaling protocol; Admission control; Authorization; Communications Society; Network address translation; Next generation networking; Proposals; Protection; Protocols; Quality of service; Streaming media;
Conference_Titel :
Communications, 2009. ICC '09. IEEE International Conference on
Conference_Location :
Dresden
Print_ISBN :
978-1-4244-3435-0
Electronic_ISBN :
1938-1883
DOI :
10.1109/ICC.2009.5199441
