A firewalling scheme for securing MPOA-based enterprise networks

Author

Xu, Jun ; Singhal, Mukesh

Author_Institution

Dept. of Comput. & Inf. Sci., Ohio State Univ., Columbus, OH, USA

fYear

1998

fDate

13-14 Nov 1998

Firstpage

205

Lastpage

208

Abstract

A well-known security problem with MPOA is that cut-through connections generally bypass firewall routers if there are any. None of the previously proposed approaches solved the problem properly. We propose a novel firewalling scheme for MPOA that nicely fixes the security hole. Our firewalling scheme has three outstanding advantages that make it ideal for securing MPOA-based enterprise networks. First, based on our novel concept of logical chokepoints, our firewalling scheme does not require the existence of physical chokepoints inside the network. Second, the scheme is nicely embedded into the MPOA protocol so that its cost, performance overhead, and protocol complexity are reduced to a minimum. Third, the scheme is centrally administrated so that it scales well to very large networks

Keywords

asynchronous transfer mode; business communication; computer networks; performance evaluation; protocols; security of data; telecommunication security; ATM; MPOA; cost; cut-through connections; enterprise networks; firewalling scheme; logical chokepoints; performance overhead; protocol; security problem; Asynchronous transfer mode; Computer security; Costs; Filtering; Information science; Information security; Internet; Local area networks; Protocols; Switches;

fLanguage

English

Publisher

ieee

Conference_Titel

High-Assurance Systems Engineering Symposium, 1998. Proceedings. Third IEEE International

Conference_Location

Washington, DC

Print_ISBN

0-8186-9221-9

Type

conf

DOI

10.1109/HASE.1998.731613

Filename

731613