Protection of LAN-wide, P2P interactions: a holistic approach

Detalhes bibliográficos
Autor(a) principal: Zúquete, A.
Data de Publicação: 2009
Tipo de documento: Artigo
Idioma: eng
Título da fonte: Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
Texto Completo: http://hdl.handle.net/10773/13569
Resumo: This article advocates the need of a holistic approach to protect LAN interactions and presents a solution for implementing it based on secure LAN (SLAN), a novel security architecture. SLAN uses the 802.1X access control mechanisms and is supported by a key distribution centre (KDC) built upon an 802.1X authentication server. The KDC is used, together with a new host identification policy and modified DHCP servers, to provide proper resource allocation and message authentication in DHCP transactions. The KDC is used to authenticate ARP transactions and to distribute session keys to pairs of LAN hosts, allowing them to set up arbitrary, LAN-wide peer-to-peer security associations using such session keys. We show how PPPoE and IPSec security associations may be instantiated and present a prototype implementation for IPSec.
id RCAP_386dae28ee0f8817bbccb3c9a10f2c12
oai_identifier_str oai:ria.ua.pt:10773/13569
network_acronym_str RCAP
network_name_str Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
repository_id_str 7160
spelling Protection of LAN-wide, P2P interactions: a holistic approach802.1X frameworkHolistic LAN securityP2P security associationsSecure communication networksSLAN architectureThis article advocates the need of a holistic approach to protect LAN interactions and presents a solution for implementing it based on secure LAN (SLAN), a novel security architecture. SLAN uses the 802.1X access control mechanisms and is supported by a key distribution centre (KDC) built upon an 802.1X authentication server. The KDC is used, together with a new host identification policy and modified DHCP servers, to provide proper resource allocation and message authentication in DHCP transactions. The KDC is used to authenticate ARP transactions and to distribute session keys to pairs of LAN hosts, allowing them to set up arbitrary, LAN-wide peer-to-peer security associations using such session keys. We show how PPPoE and IPSec security associations may be instantiated and present a prototype implementation for IPSec.Inderscience2015-03-03T12:35:04Z2009-01-01T00:00:00Z2009info:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/articleapplication/pdfhttp://hdl.handle.net/10773/13569eng1754-392410.1504/IJCNDS.2009.027602Zúquete, A.info:eu-repo/semantics/openAccessreponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãoinstacron:RCAAP2024-05-06T03:52:58Zoai:ria.ua.pt:10773/13569Portal AgregadorONGhttps://www.rcaap.pt/oai/openairemluisa.alvim@gmail.comopendoar:71602024-05-06T03:52:58Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãofalse
dc.title.none.fl_str_mv Protection of LAN-wide, P2P interactions: a holistic approach
title Protection of LAN-wide, P2P interactions: a holistic approach
spellingShingle Protection of LAN-wide, P2P interactions: a holistic approach
Zúquete, A.
802.1X framework
Holistic LAN security
P2P security associations
Secure communication networks
SLAN architecture
title_short Protection of LAN-wide, P2P interactions: a holistic approach
title_full Protection of LAN-wide, P2P interactions: a holistic approach
title_fullStr Protection of LAN-wide, P2P interactions: a holistic approach
title_full_unstemmed Protection of LAN-wide, P2P interactions: a holistic approach
title_sort Protection of LAN-wide, P2P interactions: a holistic approach
author Zúquete, A.
author_facet Zúquete, A.
author_role author
dc.contributor.author.fl_str_mv Zúquete, A.
dc.subject.por.fl_str_mv 802.1X framework
Holistic LAN security
P2P security associations
Secure communication networks
SLAN architecture
topic 802.1X framework
Holistic LAN security
P2P security associations
Secure communication networks
SLAN architecture
description This article advocates the need of a holistic approach to protect LAN interactions and presents a solution for implementing it based on secure LAN (SLAN), a novel security architecture. SLAN uses the 802.1X access control mechanisms and is supported by a key distribution centre (KDC) built upon an 802.1X authentication server. The KDC is used, together with a new host identification policy and modified DHCP servers, to provide proper resource allocation and message authentication in DHCP transactions. The KDC is used to authenticate ARP transactions and to distribute session keys to pairs of LAN hosts, allowing them to set up arbitrary, LAN-wide peer-to-peer security associations using such session keys. We show how PPPoE and IPSec security associations may be instantiated and present a prototype implementation for IPSec.
publishDate 2009
dc.date.none.fl_str_mv 2009-01-01T00:00:00Z
2009
2015-03-03T12:35:04Z
dc.type.status.fl_str_mv info:eu-repo/semantics/publishedVersion
dc.type.driver.fl_str_mv info:eu-repo/semantics/article
format article
status_str publishedVersion
dc.identifier.uri.fl_str_mv http://hdl.handle.net/10773/13569
url http://hdl.handle.net/10773/13569
dc.language.iso.fl_str_mv eng
language eng
dc.relation.none.fl_str_mv 1754-3924
10.1504/IJCNDS.2009.027602
dc.rights.driver.fl_str_mv info:eu-repo/semantics/openAccess
eu_rights_str_mv openAccess
dc.format.none.fl_str_mv application/pdf
dc.publisher.none.fl_str_mv Inderscience
publisher.none.fl_str_mv Inderscience
dc.source.none.fl_str_mv reponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
instacron:RCAAP
instname_str Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
instacron_str RCAAP
institution RCAAP
reponame_str Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
collection Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
repository.name.fl_str_mv Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
repository.mail.fl_str_mv mluisa.alvim@gmail.com
_version_ 1817543530817519616