A protocol for building a Network Access Controller (NAC) for "IP over ATM."
MetadataShow full item record
The implementation of label swapping packet forwarding technology increases the vulnerability to insider attacks. These attacks refer to unauthorized access from within an enclave to the outside network. In this thesis we propose a protocol to counter this category of attacks. The proposed protocol provides a means for fast packet authentication. High speed is achieved by the use of a trailer, which allows packet filtering at Layer 2, and the use of cheap and fast message digest algorithms. To overcome the weaknesses of a 128 bit message digest algorithm, each key is designed to have a very short cryptoperiod. Such fast rekeying is implemented by key caching (the host has a table of keys). Initial performance measurements indicated that it is possible to use our protocol while maintaining very high data throughput. Specifically, our protocol implements an authentication module, called Network Access Controller (NAC). The NAC's modular nature allows it to be easily integrated with a variety of routing technologies and other security mechanisms while remaining totally independent of them.
RightsThis publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.
Showing items related by title, author, creator and subject.
Lundy, Gilbert M.; Tipici, H. Alphan (IEEE, 1994-10);In recent years the emergence of optical fiber and its correspondingly high data rates have led to the development of much higher speed networks, both locally and over the long haul. These developments led to the design ...
Stone, Steven Walter (Monterey, California. Naval Postgraduate School, 1996-06);The current Distributed Interactive Simulations (DIS) Protocol has a limited ability to support real time, simulated engagements of more than 1000 entities because of its excessive use of network resources. It also lacks ...
Raghuram, Devalla (Monterey, California. Naval Postgraduate School, 1992-09);A group membership protocol ensures agreement and consistent commit actions among group members to maintain a sequence of identical group views in spite of continuous changes, either voluntary or otherwise, in processors' ...