Network security for QoS routing metrics

Data security is an essential requirement, especially when sending information over a network. Network security has three goals called confidentiality, integrity and availability (or Access). Encryption is the most common technique used to achieve this goal. However, the computer society has not yet agreed on a standard method to measure data security. The ultimate goal of this study is to define security metrics based on different aspects of network security, and then demonstrate how these metrics could be used in Quality of Service (QoS) routing to find the most secure path connecting two distant nodes (source and destination) across an internetwork. Three security metrics are proposed in this document, these metrics have been derived from three important issues of network security, namely: authentication, encryption and traffic filtration techniques (firewalls and intrusion detection systems). The metrics follow different composition rules in that the first is binary, the second is either concave or additive and the last is multiplicative. Routing algorithms that make use of such metrics have been implemented in the C# programming language to test the viability of the proposed solution. Computational effort and blocking probability are the most commonly used performance measures were used to assess the behavior and the performance of these routing algorithms. Results obtained show that the algorithms were able to find feasible paths between communicating parties and helped in making reasonable savings in the computational effort needed to find an acceptable path. Consequently, higher blocking probabilities were encountered, which is thus the price to be paid for the savings.