Multi-stage Packet Filtering in Network Smart Cards
نویسنده
چکیده
Network smart cards are smart cards with networking capabilities. They have opened new opportunities for the use of smart cards in Internet applications. At the same time, network smart cards are exposed to network security threats just as other computers on the Internet. Unfortunately, existing designs of network security mechanisms, such as packet filtering, may not be best suited for smart cards because the computing resources of the cards are too limited. This paper presents a new packet filtering approach that overcomes this difficulty. The packet filtering is performed in multiple stages. It drops unwanted packets as early as possible, starting at the I/O interrupt level. This builds a network firewall inside smart cards and reduces resource usage for packet processing. It can be used with different hardware and software configurations and with various filter rules. Advantages of this approach include better security, reduced memory usage, and enhanced performance.
منابع مشابه
Efficient Pre-filtering Techniques for Packet Inspection
Faculty of Electrical Engineering, Mathematics and Computer Science CE-MS-2008-15 Network Security is a significant issue nowadays. The information flow is enormous and the attacks have been substantially evolved. Every single packet of the flow must be scanned in deep and checked with all known attack rules (Deep Packet Inspection) to determine whether it is malicious. However, the task of Dee...
متن کاملSecure Public Key Protocol for Ad-Hoc Wireless Networks
As part of the security within distributed systems, various services and resources need protection from unauthorized use. Remote authentication is the most commonly used method to determine the identity of a remote client. This paper investigates a systematic approach for authenticating clients by three factors, namely password, smart card, and biometrics. A generic and secure framework is prop...
متن کاملA Pairing-Based User Authentication Scheme for Wireless Clients with Smart Cards
With rapid growth of mobile wireless networks, handheld devices are popularly used by people and many mobile applications have been rapidly developed. Considering the limited computing capability of smart cards or mobile devices, the security scheme design suitable for these mobile devices is a nontrivial challenge. A user authentication scheme is a mechanism to authenticate a remote user over ...
متن کاملThe Role of Packet Tracer in Learning Wireless Networks and Managing IoT Devices
Wireless networks, Internet of Things (IoT), Internet of Everything (IoE), and smart homes have become extremely important terms in our present-day life. Most of the buildings, companies, institutions, and even homes depend onthese technologies for interaction, communication, automation, and everything surrounding humans. To understand the advanced topics in wireless networks and IoT devi...
متن کاملImprovement and parallelization of Snort network intrusion detection mechanism using graphics processing unit
Nowadays, Network Intrusion Detection Systems (NIDS) are widely used to provide full security on computer networks. IDS are categorized into two primary types, including signature-based systems and anomaly-based systems. The former is more commonly used than the latter due to its lower error rate. The core of a signature-based IDS is the pattern matching. This process is inherently a computatio...
متن کامل