Security Mechanisms
[[Metz-1999] (doi) .]
C. Metz
“AAA protocols: authentication, authorization, and accounting for the Internet”,
IEEE Internet Computing, vol.3, #6, Nov/Dec. 1999, pp. 75-79
ResiliNets Keywords: AAA
Keywords: Internet, authorisation, message authentication, protocols
Abstract: “Internet service providers (ISPs) offering dial-up access and purveyors of enterprise networks supporting telecommuters face some difficult challenges. Ever-increasing residential dialup subscribers demand available modem (or ISDN) ports, or threaten to take their business elsewhere. To meet this demand, ISPs (dial providers) are deploying a large number of-complex, port-dense network access servers (NAS) to handle thousands of individual dial-up connections. At the same time, the miniaturization of stationary office essentials, such as the laptop computer and cellular telephone, has coupled with the need for maximum customer face time to create a workforce in perpetual motion. These “road warriors” require secure and reliable access to email and Web resources from hotels, airports, and virtual offices around the world. But dial providers must do more than simply offer an available modem port at the other end of a telephone call. They must protect against theft-of-service attacks by unscrupulous individuals with excess free time; they must verify subscribers' levels of access authorization; and for cost recovery, billing, and resource planning purposes, they may need to meter the connection time to the network. Furthermore, to provide maximum coverage to a growing roaming and mobile subscriber base, they may choose to pool their NAS resources while retaining control over their subscribers' access, usage, and billing information. All these services require coordination between the various administrative systems supported by the dial providers in partnership with each other.”
Notes:
[Voydock-Kent-1983 (doi) .]
V.L. Voydock, S.T. Kent
“Security Mechanisms in High-Level Network Protocols”,
ACM Computing Surveys, vol.15, #3, June 1983, pp. 135-171
ResiliNets Keywords: AAA
Keywords: Security mechanisms
Abstract: “The implications of adding security mechanisms to high-level network protocols operating in an open-system environment are analyzed. First the threats to security that may arise in such an environment are described, and then a set of goals for communications security measures is established. This is followed by a brief description of the two basic approaches to communications security, link-oriented measures and end-to-end measures, which concludes that end-to-end measures are more appropriate in an open-system environment. Next, relevant properties of data encryption--the fundamental technique on which all communications security mechanisms are based--are discussed. The remainder of the paper describes how end-to-end measures can be used to achieve each of the security goals previously established.”
Notes:
[[Xu-Cai-2009] (doi) .]
Toby Xu and Ying Cai
“Location safety protection in ad hoc networks”,
Ad Hoc Networks Volume 7, Issue 8, November 2009, Pages 1551-1562
ResiliNets Keywords: AAA
Keywords: Location safety; Location cloaking; Ad hoc networks
Abstract: “Many routing protocols and applications developed for ad hoc networks rely on location information of participating nodes. The exposure of such information, however, presents significant safety threats to the networks. In this paper, we investigate the problem of preventing an adversary from locating (and thus destroying) nodes based on their location information they disclose in communications. Our idea is to reduce location resolution to achieve a desired level of safety protection. We define the safety level of a geographic region to be the ratio of its area and the number of nodes inside it. The higher safety level a region has, the less attractive for an adversary to search over it for the nodes. When a node has to disclose its location, it can compute a cloaking box that meets a desired level of safety requirement and report that as its current location information. To implement this simple idea, there are several challenges. First, each cloaking box must be as small as possible in order to minimize the impact of reduced location resolution on the efficiency of network operating and applications. Second, nodes must be able to compute their cloaking boxes without having to reveal their accurate position. Finally, given a sequence of cloaking boxes, they must not be correlated to refine an area whose safety level is less than the requirement. Our research addresses these challenges with cost-effective solutions in the context of both stationary and mobile ad hoc networks. We evaluate the performance of our techniques through both mathematical analysis and simulation. In addition, we present a new geographic routing protocol which can work with blurred location information and evaluate the impact of location resolution reduction on the performance of this technique.”
Notes: