Assessing the security of a clean-slate Internet architecture
The TCP/IP architecture was originally designed without taking security measures into consideration. Over the years, it has been subjected to many attacks, which has led to many patches to counter them. Our investigations into the fundamental principles of networking have shown that carefully follow...
Saved in:
| Published in | 2012 20th IEEE International Conference on Network Protocols (ICNP) pp. 1 - 6 |
|---|---|
| Main Authors | , , , |
| Format | Conference Proceeding |
| Language | English |
| Published |
IEEE
01.10.2012
|
| Subjects | |
| Online Access | Get full text |
Cover
Loading…
| Abstract | The TCP/IP architecture was originally designed without taking security measures into consideration. Over the years, it has been subjected to many attacks, which has led to many patches to counter them. Our investigations into the fundamental principles of networking have shown that carefully following an abstract model of Inter-Process Communication (IPC) addresses many problems [1]. Guided by this IPC principle, we designed a clean-slate Recursive InterNetwork Architecture (RINA) [2]. In this paper, we show how, without the aid of cryptographic techniques, the bare-bones architecture of RINA can resist most of the security attacks faced by TCP/IP, and of course, is only more secure if cryptographic techniques are employed. Specifically, the RINA model decouples different concerns that makes it more resistant to transport-level attacks: (1) RINA decouples authentication from connection management, thus transport-level attacks are limited to "insider" attacks, and (2) RINA decouples transport port allocation and access control from data synchronization and transfer, thus making transport-level attacks much harder to mount. Using typical field lengths in packet headers, we analyze how hard it is for an intruder to compromise RINA. |
|---|---|
| AbstractList | The TCP/IP architecture was originally designed without taking security measures into consideration. Over the years, it has been subjected to many attacks, which has led to many patches to counter them. Our investigations into the fundamental principles of networking have shown that carefully following an abstract model of Inter-Process Communication (IPC) addresses many problems [1]. Guided by this IPC principle, we designed a clean-slate Recursive InterNetwork Architecture (RINA) [2]. In this paper, we show how, without the aid of cryptographic techniques, the bare-bones architecture of RINA can resist most of the security attacks faced by TCP/IP, and of course, is only more secure if cryptographic techniques are employed. Specifically, the RINA model decouples different concerns that makes it more resistant to transport-level attacks: (1) RINA decouples authentication from connection management, thus transport-level attacks are limited to "insider" attacks, and (2) RINA decouples transport port allocation and access control from data synchronization and transfer, thus making transport-level attacks much harder to mount. Using typical field lengths in packet headers, we analyze how hard it is for an intruder to compromise RINA. |
| Author | Matta, I. Boddapati, G. Day, J. Chitkushev, L. |
| Author_xml | – sequence: 1 givenname: G. surname: Boddapati fullname: Boddapati, G. email: gboddapa@akamai.com organization: Akamai Technol., Cambridge, MA, USA – sequence: 2 givenname: J. surname: Day fullname: Day, J. email: day@bu.edu organization: Metropolitan Coll., Boston Univ., Boston, MA, USA – sequence: 3 givenname: I. surname: Matta fullname: Matta, I. email: matta@bu.edu organization: Coll. of Arts & Sci., Comput. Sci., Boston Univ., Boston, MA, USA – sequence: 4 givenname: L. surname: Chitkushev fullname: Chitkushev, L. email: Itc@bu.edu organization: Metropolitan Coll., Boston Univ., Boston, MA, USA |
| BookMark | eNp9jruOwjAQABcOJMKRD0DX-AcS1o84pKBACHQ0J4rrkRUth1EwyGsK_h4KrqWaYqTRjGEQLoEAphJLKbGZbVc_u1KhVKU1VdOYugd5U8-lsbVWxtSqD5myRhdao_6A8b-ocADZM6AKac18BDnzCRElamNtlcFiyUzMPvyJdCTB1N6iT3dxOQgn2o5cKLhzicQ2JIqBknCxPfpEbbpFmsDw4Dqm_MVP-Nqsf1ffhSei_TX6s4v3_etYv7cPOyJAHQ |
| ContentType | Conference Proceeding |
| DBID | 6IE 6IL CBEJK RIE RIL |
| DOI | 10.1109/ICNP.2012.6459947 |
| DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume IEEE Xplore All Conference Proceedings IEEE Electronic Library Online IEEE Proceedings Order Plans (POP All) 1998-Present |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: RIE name: IEEE Electronic Library Online url: https://proxy.k.utb.cz/login?url=https://ieeexplore.ieee.org/ sourceTypes: Publisher |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Engineering |
| EISBN | 9781467324472 9781467324465 1467324477 1467324469 |
| EISSN | 2643-3303 |
| EndPage | 6 |
| ExternalDocumentID | 6459947 |
| Genre | orig-research |
| GroupedDBID | 29O 6IE 6IF 6IK 6IL 6IN AAJGR ABLEC ADZIZ ALMA_UNASSIGNED_HOLDINGS BEFXN BFFAM BGNUA BKEBE BPEOZ CBEJK CHZPO IEGSK IPLJI JC5 M43 OCL RIE RIL RNS |
| ID | FETCH-ieee_primary_64599473 |
| IEDL.DBID | RIE |
| ISBN | 1467324450 9781467324458 |
| ISSN | 1092-1648 |
| IngestDate | Wed Jun 26 19:23:39 EDT 2024 |
| IsPeerReviewed | false |
| IsScholarly | true |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-ieee_primary_64599473 |
| ParticipantIDs | ieee_primary_6459947 |
| PublicationCentury | 2000 |
| PublicationDate | 2012-Oct. |
| PublicationDateYYYYMMDD | 2012-10-01 |
| PublicationDate_xml | – month: 10 year: 2012 text: 2012-Oct. |
| PublicationDecade | 2010 |
| PublicationTitle | 2012 20th IEEE International Conference on Network Protocols (ICNP) |
| PublicationTitleAbbrev | ICNP |
| PublicationYear | 2012 |
| Publisher | IEEE |
| Publisher_xml | – name: IEEE |
| SSID | ssj0001034665 ssj0020273 |
| Score | 3.7236662 |
| Snippet | The TCP/IP architecture was originally designed without taking security measures into consideration. Over the years, it has been subjected to many attacks,... |
| SourceID | ieee |
| SourceType | Publisher |
| StartPage | 1 |
| SubjectTerms | Cryptography Receivers Resource management |
| Title | Assessing the security of a clean-slate Internet architecture |
| URI | https://ieeexplore.ieee.org/document/6459947 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV07T8MwED61nWDh0SKggDww4jRNnIfniqogUXUAqVtlO-cFKUGQLP312I5JC-rA5kRRcnYs3eP77jPAPZokoWAoaKp5QZlCTQVTGZW6kHmKVrLMsS2W6eKNPa-TdQ8eul4YRHTkMwzs0GH5RaUaWyqbWOETzrI-9DPO216tXT0ljJmTbvPJltVpcUgnj6hJCXLX1JVmJn5gSaf15K9zD3eahydPs-XKMr6iwH_t17ErzuvMT-Dlx96WbPIeNLUM1PaPlON_J3QKo11_H1l1nusMeliew_GeNOEQPBpsxsSEiOTLH3NHKk0EMVtNlNRsphpJW1LEmuxDEiMYzx9fZwtqjdl8tIoWG29HfAGDsirxEsg0U1yHJriZMs1EUggTl-UiknGozJrJ-AqGh95wffj2GI7skrYkuBsY1J8N3hpnXss79xe_AdeAm9U |
| link.rule.ids | 310,311,783,787,792,793,799,27937,55086 |
| linkProvider | IEEE |
| linkToHtml | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV07T8MwED6VMgALjxYB5eGBEadp4uYxV1QptFGHInWLnOSyIKUVpAu_nrNj0oI6sDlRlJwdS_f4vvsM8IiUJOQCJfeKMOciw4JLkfk8LfI08FBJlmm2RexFb-JlOVy24KnphUFETT5DSw01lp-vso0qlfWV8Eko_AM4pLg68OpurW1FxXaFFm8z6ZZSatFYZ-hwSgoC3dbl-RRBiGGj9mSuAwN40sP9ySieK86XY5nv_Tp4Rfud8SnMfiyu6Sbv1qZKrezrj5jjf6d0Bt1thx-bN77rHFpYXsDJjjhhBwweTGNGQSL7NAfdsVXBJKPNJktO26lCVhcVsWK7oEQXeuPnxSjiyphkXWtaJMYO9xLa5arEK2ADPwsLm8KbgSiEHOaSIrNAOqlrZ7RmqXsNnX1vuNl_-wGOosVsmkwn8WsPjtXy1pS4W2hXHxu8I9depff6j34DNZifIA |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=proceeding&rft.title=2012+20th+IEEE+International+Conference+on+Network+Protocols+%28ICNP%29&rft.atitle=Assessing+the+security+of+a+clean-slate+Internet+architecture&rft.au=Boddapati%2C+G.&rft.au=Day%2C+J.&rft.au=Matta%2C+I.&rft.au=Chitkushev%2C+L.&rft.date=2012-10-01&rft.pub=IEEE&rft.isbn=9781467324458&rft.issn=1092-1648&rft.eissn=2643-3303&rft.spage=1&rft.epage=6&rft_id=info:doi/10.1109%2FICNP.2012.6459947&rft.externalDocID=6459947 |
| thumbnail_l | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=1092-1648&client=summon |
| thumbnail_m | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=1092-1648&client=summon |
| thumbnail_s | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=1092-1648&client=summon |