Authenticated Access to Reserved Network Resources
نویسندگان
چکیده
Enhanced network services often involve preferential allocation of resources such as transmission capacity (“bandwidth”) and buffer space to packets belonging to certain flows or traffic classes. Such services are vulnerable to denial-of-service attacks if access to those resources is granted based on information that can be forged, such as source and destination addresses and port numbers. Traditional message authentication codes (MACs) are not designed to solve this problem and have high per-packet processing costs. In this paper we propose a packet authentication algorithm specifically designed to solve the problem of protecting access to reserved network resources. We present measurements from a prototype implementation, and argue that our approach is a better solution for this problem than traditional MACs.
منابع مشابه
Security Analysis and Performance Evaluation of an Enhanced Two-Factor Authenticated Scheme
Various security attacks may cause unauthorized access, misuse, modification, or denial of a computer network and network accessible resources. To prevent these attacks various authentication means can be used to provide authenticated key exchange protocols. Authenticated key exchange protocol allows the exchange of session key and also authenticates the identities of parties involved in the ke...
متن کاملFulfillment of HTTP Authentication Based on Alcatel OmniSwitch 9700
This paper provides a way of HTTP authentication On Alcatel OmniSwitch 9700. Authenticated VLANs control user access to network resources based on VLAN assignment and user authentication. The user can be authenticated through the switch via any standard Web browser software. Web browser client displays the username and password prompts. Then a way for HTML forms can be given to pass HTTP authen...
متن کاملRole Based Access Control and the JXTA Peer-to-Peer Framework
Role based access control (RBAC) allows users access to resources based on their competencies and responsibilities within an organization. Typically, RBAC is provided as a security mechanism for a single host at the operating system level. This allows the operating system to ensure that authenticated users have access to resources based on their assigned roles. RBAC is more challenging in peer-...
متن کاملMulti - Factor Password - Authenticated Key Exchange ( full version )
We consider a new form of authenticated key exchange which we call multi-factor passwordauthenticated key exchange, where session establishment depends on successful authentication of multiple short secrets that are complementary in nature, such as a long-term password and a one-time response, allowing the client and server to be mutually assured of each other’s identity without directly disclo...
متن کاملMulti-Factor Password-Authenticated Key Exchange
We consider a new form of authenticated key exchange which we call multi-factor passwordauthenticated key exchange, where session establishment depends on successful authentication of multiple short secrets that are complementary in nature, such as a long-term password and a one-time response, allowing the client and server to be mutually assured of each other’s identity without directly disclo...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- I. J. Network Security
دوره 3 شماره
صفحات -
تاریخ انتشار 2006