• DocumentCode
    2651531
  • Title

    Behavior-Based Policies for Preserving Confidentiality in PCE-based Multi-domain MPLS Networks

  • Author

    Gharbaoui, Molka ; Paolucci, Francesco ; Martini, Barbara ; Cugini, Filippo ; Castoldi, Piero

  • Author_Institution
    Scuola Superiore Sant´´Anna, Pisa, Italy
  • fYear
    2011
  • fDate
    6-8 June 2011
  • Firstpage
    81
  • Lastpage
    88
  • Abstract
    Inter-domain path computations under the responsibility of cooperative Path Computation Elements (PCEs) guarantee effective network resource utilization and provide a basic level of information confidentiality. However, malicious PCEs belonging to different domains might misbehave by sending sequences of bogus requests and taking advantage of their interdependence to discover confidential information. In this work, we propose the use of XACML policies in order to avoid malicious utilizations of PCEP procedures and preserve confidentiality across domains. Policies are based on the analysis of the behavior of PCEP peers and the possible correlations among requests from which they might get access to private information.
  • Keywords
    XML; multiprotocol label switching; telecommunication computing; telecommunication security; PCE-based multidomain MPLS networks; PCEP malicious utilizations; XACML policies; behavior-based policies; bogus requests; cooperative path computation elements; information confidentiality; interdomain path computations; Authorization; Bandwidth; Computer architecture; Databases; Measurement; Multiprotocol label switching; Confidentiality; PCE; Policies; XACML;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Policies for Distributed Systems and Networks (POLICY), 2011 IEEE International Symposium on
  • Conference_Location
    Pisa
  • Print_ISBN
    978-1-4244-9879-6
  • Electronic_ISBN
    978-0-7695-4330-7
  • Type

    conf

  • DOI
    10.1109/POLICY.2011.15
  • Filename
    5976799