Title :
Security issues in policy routing
Author :
Estrin, Deborah ; Tsudik, Gene
Author_Institution :
Dept. of Comput. Sci., Univ. of Southern California, Los Angeles, CA, USA
Abstract :
Most routing protocols, including proposed policy routing protocols, focus on environments where detection of an attack after it has taken place is sufficient. The authors explore the design of policy routing mechanisms for sensitive environments where more aggressive preventative measures are mandated. In particular, they detail the design of four secure protocol versions that prevent abuse by cryptographic checks of data integrity. They analyze and compare these schemes in terms of their prepacket processing overhead. It is concluded that preventative security is feasible, although the overhead cost is quite high. Consequently, it is critical that prevention-based schemes coexist with detection-based schemes
Keywords :
protocols; security of data; abuse prevention; aggressive preventative measures; attack detection; cryptographic checks; data integrity; detection-based schemes; policy routing; prepacket processing overhead; preventative security; prevention-based schemes; routing protocols; sensitive environments; Communication system control; Computer science; Costs; Cryptographic protocols; Cryptography; Data security; Information security; Navigation; Power cables; Routing protocols;
Conference_Titel :
Security and Privacy, 1989. Proceedings., 1989 IEEE Symposium on
Conference_Location :
Oakland, CA
Print_ISBN :
0-8186-1939-2
DOI :
10.1109/SECPRI.1989.36293
