Title :
A Unified Approach to Intra-domain Security
Author :
Shue, Craig A. ; Kalafut, Andrew J. ; Gupta, Minaxi
Author_Institution :
Comput. Sci. & Eng. Div., Oak Ridge Nat. Lab., Oak Ridge, TN, USA
Abstract :
While a variety of mechanisms have been developed for securing individual intra-domain protocols, none address the issue in a holistic manner. We develop a unified framework to secure prominent networking protocols within a single domain. We begin with a secure version of the DHCP protocol, which has the additional feature of providing each host with a certificate. We then leverage these certificates to secure ARP, prevent spoofing within the domain, and secure SSH and VPN connections between the domain and hosts which have previously interacted with it locally. In doing so, we also develop an incrementally deployable public key infrastructure which can later be leveraged to support inter-domain authentication.
Keywords :
authorisation; message authentication; protocols; DHCP protocol; VPN connections; authorisation; dynamic host configuration protocol; interdomain authentication; intradomain security; networking protocols; public key infrastructure; Authentication; Computer science; Computer security; Cryptographic protocols; Government; Intelligent networks; Laboratories; National security; Network servers; Public key; ARP; Computer Networks; DHCP; Intra-domain Security;
Conference_Titel :
Computational Science and Engineering, 2009. CSE '09. International Conference on
Conference_Location :
Vancouver, BC
Print_ISBN :
978-1-4244-5334-4
Electronic_ISBN :
978-0-7695-3823-5
DOI :
10.1109/CSE.2009.204
