Protection of LAN-wide, P2P interactions: a holistic approach
Autor(a) principal: | |
---|---|
Data de Publicação: | 2009 |
Tipo de documento: | Artigo |
Idioma: | eng |
Título da fonte: | Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
Texto Completo: | http://hdl.handle.net/10773/13569 |
Resumo: | This article advocates the need of a holistic approach to protect LAN interactions and presents a solution for implementing it based on secure LAN (SLAN), a novel security architecture. SLAN uses the 802.1X access control mechanisms and is supported by a key distribution centre (KDC) built upon an 802.1X authentication server. The KDC is used, together with a new host identification policy and modified DHCP servers, to provide proper resource allocation and message authentication in DHCP transactions. The KDC is used to authenticate ARP transactions and to distribute session keys to pairs of LAN hosts, allowing them to set up arbitrary, LAN-wide peer-to-peer security associations using such session keys. We show how PPPoE and IPSec security associations may be instantiated and present a prototype implementation for IPSec. |
id |
RCAP_386dae28ee0f8817bbccb3c9a10f2c12 |
---|---|
oai_identifier_str |
oai:ria.ua.pt:10773/13569 |
network_acronym_str |
RCAP |
network_name_str |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
repository_id_str |
7160 |
spelling |
Protection of LAN-wide, P2P interactions: a holistic approach802.1X frameworkHolistic LAN securityP2P security associationsSecure communication networksSLAN architectureThis article advocates the need of a holistic approach to protect LAN interactions and presents a solution for implementing it based on secure LAN (SLAN), a novel security architecture. SLAN uses the 802.1X access control mechanisms and is supported by a key distribution centre (KDC) built upon an 802.1X authentication server. The KDC is used, together with a new host identification policy and modified DHCP servers, to provide proper resource allocation and message authentication in DHCP transactions. The KDC is used to authenticate ARP transactions and to distribute session keys to pairs of LAN hosts, allowing them to set up arbitrary, LAN-wide peer-to-peer security associations using such session keys. We show how PPPoE and IPSec security associations may be instantiated and present a prototype implementation for IPSec.Inderscience2015-03-03T12:35:04Z2009-01-01T00:00:00Z2009info:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/articleapplication/pdfhttp://hdl.handle.net/10773/13569eng1754-392410.1504/IJCNDS.2009.027602Zúquete, A.info:eu-repo/semantics/openAccessreponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãoinstacron:RCAAP2024-05-06T03:52:58Zoai:ria.ua.pt:10773/13569Portal AgregadorONGhttps://www.rcaap.pt/oai/openairemluisa.alvim@gmail.comopendoar:71602024-05-06T03:52:58Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãofalse |
dc.title.none.fl_str_mv |
Protection of LAN-wide, P2P interactions: a holistic approach |
title |
Protection of LAN-wide, P2P interactions: a holistic approach |
spellingShingle |
Protection of LAN-wide, P2P interactions: a holistic approach Zúquete, A. 802.1X framework Holistic LAN security P2P security associations Secure communication networks SLAN architecture |
title_short |
Protection of LAN-wide, P2P interactions: a holistic approach |
title_full |
Protection of LAN-wide, P2P interactions: a holistic approach |
title_fullStr |
Protection of LAN-wide, P2P interactions: a holistic approach |
title_full_unstemmed |
Protection of LAN-wide, P2P interactions: a holistic approach |
title_sort |
Protection of LAN-wide, P2P interactions: a holistic approach |
author |
Zúquete, A. |
author_facet |
Zúquete, A. |
author_role |
author |
dc.contributor.author.fl_str_mv |
Zúquete, A. |
dc.subject.por.fl_str_mv |
802.1X framework Holistic LAN security P2P security associations Secure communication networks SLAN architecture |
topic |
802.1X framework Holistic LAN security P2P security associations Secure communication networks SLAN architecture |
description |
This article advocates the need of a holistic approach to protect LAN interactions and presents a solution for implementing it based on secure LAN (SLAN), a novel security architecture. SLAN uses the 802.1X access control mechanisms and is supported by a key distribution centre (KDC) built upon an 802.1X authentication server. The KDC is used, together with a new host identification policy and modified DHCP servers, to provide proper resource allocation and message authentication in DHCP transactions. The KDC is used to authenticate ARP transactions and to distribute session keys to pairs of LAN hosts, allowing them to set up arbitrary, LAN-wide peer-to-peer security associations using such session keys. We show how PPPoE and IPSec security associations may be instantiated and present a prototype implementation for IPSec. |
publishDate |
2009 |
dc.date.none.fl_str_mv |
2009-01-01T00:00:00Z 2009 2015-03-03T12:35:04Z |
dc.type.status.fl_str_mv |
info:eu-repo/semantics/publishedVersion |
dc.type.driver.fl_str_mv |
info:eu-repo/semantics/article |
format |
article |
status_str |
publishedVersion |
dc.identifier.uri.fl_str_mv |
http://hdl.handle.net/10773/13569 |
url |
http://hdl.handle.net/10773/13569 |
dc.language.iso.fl_str_mv |
eng |
language |
eng |
dc.relation.none.fl_str_mv |
1754-3924 10.1504/IJCNDS.2009.027602 |
dc.rights.driver.fl_str_mv |
info:eu-repo/semantics/openAccess |
eu_rights_str_mv |
openAccess |
dc.format.none.fl_str_mv |
application/pdf |
dc.publisher.none.fl_str_mv |
Inderscience |
publisher.none.fl_str_mv |
Inderscience |
dc.source.none.fl_str_mv |
reponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação instacron:RCAAP |
instname_str |
Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação |
instacron_str |
RCAAP |
institution |
RCAAP |
reponame_str |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
collection |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
repository.name.fl_str_mv |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação |
repository.mail.fl_str_mv |
mluisa.alvim@gmail.com |
_version_ |
1817543530817519616 |