nach oben

Annals of Telecommunications

Erschienen in:

01.06.2009

MPLS security: an approach for unicast and multicast environments

verfasst von: Sahel Alouneh, Abdeslam En-Nouaary, Anjali Agarwal

Erschienen in: Annals of Telecommunications | Ausgabe 5-6/2009

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Multi-Protocol Label Switching (MPLS) network architecture does not protect the confidentiality of data transmitted. This paper proposes a mechanism to enhance the security in MPLS networks by using multi-path routing combined with a modified (k, n) threshold secret sharing scheme. An Internet Protocol (IP) packet entering MPLS ingress router can be partitioned into n shadow (share) packets, which are then assigned to maximally node disjoint paths across the MPLS network. The egress router at the end will be able to reconstruct the original IP packet if it receives any k share packets. The attacker must therefore tap at least k paths to be able to reconstruct the original IP packet that is being transmitted, while receiving k − 1 or less of share packets makes it hard or even impossible to reconstruct the original IP packet. In this paper, we consider the multicast case in addition to the unicast. To our best knowledge, no work has been published for MPLS multicast security. We have implemented our model and measured its time complexity on variable packets size.

Vorheriger Artikel Model-based similarity estimation of multidimensional temporal sequences

Nächster Artikel A robust security scheme for wireless mesh enterprise networks

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Andersson L, Doolan P, Feldman N, Fredette A, Thomas B (2001) “LDP Specification”, IETF, RFC 3036, 2001

Asmuth C (1983) A modular approach to key safeguarding. IEEE Transactions on Information Theory IT-29(2)

Awduche D, Malcolm (1999) J Requirements for Traffic Engineering over MPLS RFC 2702

Barlow D, Vassilio V, Owen H (2003) A cryptographic protocol to protect MPLS Labels. Proceeding of IEEE Workshop of Information Assurance

Behringer M, Morrow MJ (2005) MPLS VPN-Security. Cisco, Indianapolis

Blakley GR (1979) Safeguarding cryptographic keys. Proceedings of the National Computer Conference, 1979, American Federation of Information Processing Societies 48:

Blesa M, Blum C (2004) Ant colony optimization for the- maximum edge-disjoint paths problem. In: Raidl et al. (ed). 1st (EvoCOMNET'04), volume 3005f of Lecture Notes in Computer Science, pages 160–169, Coimbra

Chung J, Panguluru S, Garcia R (2002) Multiple LSP routing network security for MPLS networking. IEEE-MWSCAS

GMP “GNU Multiple Precision Arithmetic Library”, http://www.swox.com/gmp/.

10.

Lou W, Fang Y (2001) A multipath routing approach for secure data delivery. IEEE Milcom’01, 2001

11.

Lewis M (2005) Troubleshooting any transport over MPLS based VPNs. Cisco Press article

12.

MPLS World Congress (’2006, ’2007).

13.

Ramaswamy R, Weng N, Wolf T (2003) Considering processing cost in network simulations”, Proceedings of the ACM SIGCOMM workshop on Models, methods and tools for reproducible network research, Germany

14.

Rosen E, Viswanathan A, Callon R (2001) Multi-protocol label switching architecture. IETF, RFC 3031

15.

Ren R, Feng D, Ma K (2004) A detailed implement and analysis of MPLS VPN based on IPSEC”, Proceeding of the IEEE Third International Conference on Machine Learning and Cybernetics, Shanghai

16.

Saad T, Alawieh B, Mouftah H (2006) Tunneling techniques for end-to-end VPNs: Generic deployment in an optical testbed environment. IEEE Communication Magazine

17.

Shamir A (1979) How to share a secret. Commun ACM 24:612–613CrossRefMathSciNet

18.

Schneier B (1996) Applied cryptography, 2nd edn. Chapters 3 and 23. Wiley, New York

19.

Sidhu D, Nair R, Abdallah S (1991) Finding disjoint paths in networks”, proceeding ACM-SIGCOMM’91 Symposium,

20.

Bhandari R (1999) Survivable networks. algorithms for diverse routing, Kluwer, New York

21.

Shiloach Y (1980) A polynomial solution to the undirected two paths problem. JACM 27(3):445–456MATHCrossRefMathSciNet

22.

Lee H, Hwang J, Kang B, Jun K (2000)End-to-end QoS architecture for VPNs: MPLS VPN deployment in a backbone network. Proceedings the International Workshops on Parallel Processing, Canada pp. 479–483

23.

Iwaki M, Toraichi K, Ishii R (1993) Fast polynomial interpolation for Remez exchange method. IEEE Pacific Rim Conference on Communications, Computers and Signal Processing, pp. 411–414, 1993

24.

Palmieri F (2007) Fiore U (2007) Enhanced security strategies for MPLS signaling. J Netw 2(5):1–13

25.

Palmieri F, Fiore U (2005) Securing the MPLS Control Plane. HPCC 2005, LNCS 3726, Springer, pp. 511–523

26.

Finite Field Arithmetic, http://www.springer.com/?SGWID=2-102-45-110359-4, Chapter 2, (last time accessed May, 2008).

27.

Harman B, Burness L, Corliano G, Murgu A, El-moussa F, He L (2006) Securing network availability. BT Technol J 24:65–71CrossRef

28.

S. Avallone, V. Manetti, M. Mariano, S. Romano (2007) A splitting infrastructure for load balancing and security in an MPLS network”, 3rd international conference on testbeds and research infrastructure for the development of networks and communities, pp. 1–6

Titel: MPLS security: an approach for unicast and multicast environments
verfasst von: Sahel Alouneh
Abdeslam En-Nouaary
Anjali Agarwal
Publikationsdatum: 01.06.2009
Verlag: Springer-Verlag
Erschienen in: Annals of Telecommunications / Ausgabe 5-6/2009
Print ISSN: 0003-4347
Elektronische ISSN: 1958-9395
DOI: https://doi.org/10.1007/s12243-009-0089-y

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft"

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Weitere Artikel der Ausgabe 5-6/2009

The clean-slate approach to future Internet design: a survey of research initiatives

Using tunneling techniques to realize virtual routers

Third-generation virtualized architecture for the MVNO context

An experimental illustration of 3D facial shape analysis under facial expressions

Foreword

A robust security scheme for wireless mesh enterprise networks

Premium Partner