مرکز منطقه ای اطلاع رساني علوم و فناوري - A Credential-Based Data Path Architecture for Assurable Global Networking

DocumentCode :

3037908

Title :

A Credential-Based Data Path Architecture for Assurable Global Networking

Author :

Wolf, Tilman

Author_Institution :

Department of Electrical and Computer Engineering, University of Massachusetts, Amherst, MA, USA. wolf@ecs.umass.edu

fYear :

2007

fDate :

29-31 Oct. 2007

Firstpage :

Lastpage :

Abstract :

The main limitation for achieving information assurance in current data networks lies in absence of security considerations in the original Internet architecture. This shortcoming leads to the need for a new approach to achieving information assurance in networks. We propose a network architecture that uses credentials in the data path to identify, validate, monitor, and control data flows within the network. The important aspect of this approach is that credentials are tracked on the data path of the network, not just the end-systems, which implies that each and every packet can be audited. We present a credentials design that is based on Bloom filters and can achieve the desired properties to provide data path assurance.

Keywords :

Communication system security; Computer architecture; Cryptography; Data security; Data structures; Filters; IP networks; Information security; Monitoring; Protocols;

fLanguage :

English

Publisher :

ieee

Conference_Titel :

Military Communications Conference, 2007. MILCOM 2007. IEEE

Conference_Location :

Orlando, FL, USA

Print_ISBN :

978-1-4244-1513-7

Electronic_ISBN :

978-1-4244-1513-7

Type :

conf

DOI :

10.1109/MILCOM.2007.4454937

Filename :

4454937

Link To Document :

https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=3037908