SAVAH: Source Address Validation with Host Identity Protocol

نویسندگان

Dmitriy Kuptsov

Andrei V. Gurtov

چکیده

Explosive growth of the Internet and lack of mechanisms that validate the authenticity of a packet source produced serious security and accounting issues. In this paper, we propose validating source addresses in LAN using Host Identity Protocol (HIP) deployed in a first-hop router. Compared to alternative solutions such as CGA, our approach is suitable both for IPv4 and IPv6. We have implemented SAVAH in Wi-Fi access points and evaluated its overhead for clients and the first-hop router.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Network Working Group Nat and Firewall Traversal Issues of Host Identity Protocol (hip) Communication Status of This Memo

The Host Identity Protocol (HIP) changes the way in which two Internet hosts communicate. One key advantage over other schemes is that HIP does not require modifications to the traditional networklayer functionality of the Internet, i.e., its routers. In the current Internet, however, many devices other than routers modify the traditional network-layer behavior of the Internet. These "middlebox...

متن کامل

Application mobility with Host Identity Protocol – Extended Abstract

In this paper, we consider process migration from a communications point of view. We use the term application mobility while referring to an application being moved from a host to another during its execution. In this paper these hosts are called source and destination hosts, respectively. Moreover, we define a host to be virtual, and thus, not to equal to a physical host as such. Therefore, mu...

متن کامل

A Policy System for Simultaneous Multiaccess with Host Identity Protocol

In this paper we describe a Host Identity Protocol (HIP) extension that allows multihomed HIP hosts to use multiple access networks simultaneously. This extension defines how to identify data flow and how to route them based on higher level policies and specifically address the issue of the return path by transfering the policies to the peer.

متن کامل

Basic Host Identity Protocol (HIP) Extensions for Traversal of Network Address Translators

This document specifies extensions to the Host Identity Protocol (HIP) to facilitate Network Address Translator (NAT) traversal. The extensions are based on the use of the Interactive Connectivity Establishment (ICE) methodology to discover a working path between two end-hosts, and on standard techniques for encapsulating Encapsulating Security Payload (ESP) packets within the User Datagram Pro...

متن کامل

Middlebox Traversal of HIP Communication

The Host Identity Protocol (HIP) fundamentally changes the way two hosts in the Internet communicate. One key advantage over other schemes is that HIP does not require any modifications to the traditional network-layer functionality of the Internet, i.e., its routers. HIP deployment should therefore be transparent. In the current Internet, however, many devices other than routers may affect the...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}

با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره شماره

صفحات -

تاریخ انتشار 2009

SAVAH: Source Address Validation with Host Identity Protocol

نویسندگان

چکیده

منابع مشابه

Network Working Group Nat and Firewall Traversal Issues of Host Identity Protocol (hip) Communication Status of This Memo

Application mobility with Host Identity Protocol – Extended Abstract

A Policy System for Simultaneous Multiaccess with Host Identity Protocol

Basic Host Identity Protocol (HIP) Extensions for Traversal of Network Address Translators

Middlebox Traversal of HIP Communication

عنوان ژورنال:

اشتراک گذاری