Title :
Securing MPLS Networks with Multi-path Routing
Author :
Alouneh, Sahel ; En-Nouaary, Abdeslam ; Agarwal, Anjali
Author_Institution :
Dept. of Electr. & Comput. Eng., Concordia Univ., Montreal, Que.
Abstract :
MPLS network architecture does not protect the confidentiality of data transmitted. This paper proposes a mechanism to enhance the security in MPLS networks by using multi-path routing combined with a modified (k, n) threshold secret sharing scheme. An IP packet entering MPLS ingress router can be partitioned into n shadow (share) packets, which are then assigned to maximally-node disjoint paths across the MPLS network. The egress router at the end will be able to reconstruct the original IP packet if it receives any k share packets. The attacker must therefore tap at least k paths to be able to reconstruct the original IP packet that is being transmitted, while receiving k-1 or less of share packets makes it hard or even impossible to reconstruct the original IP packet
Keywords :
multiprotocol label switching; telecommunication network routing; telecommunication security; IP packet; MPLS network security; multipath routing; threshold secret sharing scheme; Cryptography; Data security; Information security; Multiprotocol label switching; Packet switching; Payloads; Protection; Quality of service; Routing; Telecommunication traffic;
Conference_Titel :
Information Technology, 2007. ITNG '07. Fourth International Conference on
Conference_Location :
Las Vegas, NV
Print_ISBN :
0-7695-2776-0
DOI :
10.1109/ITNG.2007.176
