Title :
An optimization on requesting and authorization for capabilities architecture
Author :
Jiang, Xianliang ; Jin, Guang ; Ni, Cuixia ; Xie, Zhijun ; Qian, Jiangbo
Author_Institution :
Coll. of Inf. Sci. & Eng., Ningbo Univ., Ningbo, China
Abstract :
Distributed Denial of Service (DDoS) attacks have resulted in huge economic loss and great harms to networks. In this paper, we in-depth analyze the shortcomings and lacks of capabilities existing in the router-based Traffic Validation Architecture (TVA) scheme and propose a new scheme with adjustable pre-capabilities and capabilities. It is able to effectively reduce the overall cost of run-time and improve the transmission efficiency in TVA without reducing the overall security of the original scheme. Meanwhile, we specify the concept of credit values that could precisely control the size of authorized capabilities and provide a standard to measure the overall safety of TVA. Furthermore, this paper also gives a new dynamic mechanism to grant capabilities using the proposed credit. The theoretical proof and practical simulation show that our scheme is feasible and effective.
Keywords :
Internet; authorisation; computer network security; economics; optimisation; telecommunication security; telecommunication services; DDoS attacks; capabilities architecture; distributed denial of service; dynamic mechanism; economic loss; router-based traffic validation architecture; Computer architecture; Computer crime; Equations; IP networks; Mathematical model; Safety; Capability; Credit; DDoS; Network Security; Traffic Validation Architecture;
Conference_Titel :
Computer Science and Service System (CSSS), 2011 International Conference on
Conference_Location :
Nanjing
Print_ISBN :
978-1-4244-9762-1
DOI :
10.1109/CSSS.2011.5972118
