Asynchronous transfer mode and Local Area Network emulation standards, protocols, and security implications

Abstract

A complex networking technology called Asynchronous Transfer Mode (ATM) and a networking protocol called Local Area Network Emulation (LANE) are being integrated into many naval networks without any security-driven naval configuration guidelines. No single publication is available that describes security issues of data delivery and signaling relating to the transition of Ethernet to LANE and ATM. The thesis' focus is to provide: (1) an overview and security analysis of standardized protocols relating to ATM and LANE; (2) an overview and security analysis associated with integrating a Fore Systems Inc., LANE-based ATM network, with an accredited Cisco Systems Inc., Ethernet Virtual LAN (VLAN) network; and (3) associated security-related suggestions for network design and configurations. This thesis identifies possible negative security- related capabilities associated with ATM- and LANE-related protocols; however, many can be mitigated using the identified network design guidelines. Qualitative analysis suggests that the introduction of an ATM/LANE backbone into an existing TCP/IP network does not increase the probability of incorrect destinations receiving and processing corrupted frames. It is hoped that this seminal document will assist in the development of standard security-driven implementation guidelines associated with ATM/LANE-based networks, as well as inform those required to prepare and review associated network Risk Assessments.