Title :
Benefits of a pure layer 2 security approach in Metro Ethernet
Author :
Meddeb, Aref ; Elgueder, Enis ; Harrathi, Issam ; Youssef, Habib
Author_Institution :
PRINCE Res. Unit, Univ. of Sousse, Sousse, Tunisia
Abstract :
With the emergence of Metro Ethernet as a high speed and carrier grade technology across public networks, the support of Quality of Service (QoS) and Service Level Agreements (SLA) has become an essential feature of Ethernet. In such context, the issues of network security and data transfer delay are regaining significant importance. The IEEE has recently introduced the 802.1AE MACSec protocol which aims at providing hop by hop security but that does not guarantee end to end security across public networks. In order to provide end-to-end security, in general a higher layer security protocol such as IPSec would be required. In this paper we propose an enhancement to the MACSec protocol in order to maintain the advantages of providing security at layer 2 while assuring an end-to-end security; alleviating the need for higher layer security protocols. We show that our approach enhances network performance in terms of transfer delay and delay variation while providing security levels comparable to those delivered by the combination of IPSec and MACSec.
Keywords :
metropolitan area networks; protocols; telecommunication security; telecommunication standards; 802.1AE MACSec protocol; IPSec; Metro Ethernet; data transfer delay; delay variation; network security; public networks; pure layer 2 security; quality of service; service level agreements; Cryptography; Data security; Delay effects; Ethernet networks; Filtering; Hardware; Protocols; Quality of service; Software performance; TCPIP;
Conference_Titel :
Computers and Communications, 2009. ISCC 2009. IEEE Symposium on
Conference_Location :
Sousse
Print_ISBN :
978-1-4244-4672-8
Electronic_ISBN :
1530-1346
DOI :
10.1109/ISCC.2009.5202407
