Show simple item record

dc.contributor.advisorXie, Geoffrey
dc.contributor.advisorIrvine, Cynthia
dc.contributor.advisorBuddenberg, Rex
dc.contributor.authorDarroca, Gregorio G.
dc.date.accessioned2012-08-09T19:20:45Z
dc.date.available2012-08-09T19:20:45Z
dc.date.issued1998-09
dc.identifier.urihttp://hdl.handle.net/10945/8424
dc.description.abstractTransport Layer (OSI Layer 3) switching and routing provides routing flexibility but not high throughput. Link layer (OSI Layer 2) switching provides high throughput but not the routing flexibility needed to manage topology change and load fluctuations in the network. Neither Layer 3 routing nor Layer 2 switching protocols were originally designed to support confidentiality and integrity of data, and authentication of participants. Proposals to integrate security may have positive results for data confidentiality, integrity and authentication, but often result in additional overhead, increased transmission latency, and decreased throughput. An added difficulty is reconciling standards and protocols when integrating heterogeneous routing networks with homogenous switching networks while minimizing impact on throughput. This thesis examined current Internet extensions and architectures as well as IP security services and Layer 2 switching in IP-based networks. Requirements for a framework for a proposed security protocol include: Link Layer switching and routing; independence of particular communication protocols and standards; IP packet filtering and routing according to predetermined security policies and with no significant impact on throughput; and continued routing flexibility of IP. This security protocol, called Link Layer (Link Layer Packet Filtering (LLPF)), filters packets at the Link Layer, and boasts two innovations: use of an authentication trailer and multiple cryptographic keys with short cryptoperiodsen_US
dc.description.urihttp://archive.org/details/frameworkforlink109458424
dc.format.extentxx, 187 p.;28 cm.en_US
dc.language.isoen_US
dc.publisherMonterey, California. Naval Postgraduate Schoolen_US
dc.rightsThis publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.en_US
dc.titleFramework for a Link Layer Packet Filtering (LLPF) security protocolen_US
dc.typeThesisen_US
dc.contributor.departmentInformation Technology Management
dc.subject.authornetwork securityen_US
dc.subject.authorAsynchronous Transmission Mode (ATM)en_US
dc.subject.authorinternetworkingen_US
dc.subject.authorprotocolen_US
etd.thesisdegree.nameM.S. in Information Technology Managementen_US
etd.thesisdegree.levelMastersen_US
etd.thesisdegree.disciplineInformation Technology Managementen_US
etd.thesisdegree.grantorNaval Postgraduate Schoolen_US
dc.description.distributionstatementApproved for public release; distribution is unlimited.


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record