EESP: A Security Protocol that Supports QoS Management
Autor: | Christian Fraboul, A.A. El Kalam, Mahmoud Mostafa |
---|---|
Přispěvatelé: | Réseaux, Mobiles, Embarqués, Sans fil, Satellites (IRIT-RMESS), Institut de recherche en informatique de Toulouse (IRIT), Université Toulouse 1 Capitole (UT1), Université Fédérale Toulouse Midi-Pyrénées-Université Fédérale Toulouse Midi-Pyrénées-Université Toulouse - Jean Jaurès (UT2J)-Université Toulouse III - Paul Sabatier (UT3), Université Fédérale Toulouse Midi-Pyrénées-Centre National de la Recherche Scientifique (CNRS)-Institut National Polytechnique (Toulouse) (Toulouse INP), Université Fédérale Toulouse Midi-Pyrénées-Université Toulouse 1 Capitole (UT1), Université Fédérale Toulouse Midi-Pyrénées |
Jazyk: | angličtina |
Rok vydání: | 2008 |
Předmět: |
Network Security Protocols
computer.internet_protocol Security Parameter Index Computer science QoS 050801 communication & media studies 02 engineering and technology multi-field packet classifier Internet security Computer security computer.software_genre active admission control [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR] 0508 media and communications Internet protocol suite 0202 electrical engineering electronic engineering information engineering IPSec ESP business.industry Network packet Quality of service 05 social sciences ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS 020206 networking & telecommunications Cryptographic protocol IEEE Security service IPsec AH business computer Computer network |
Zdroj: | International Conference on Risks and Security of Internet and Systems International Conference on Risks and Security of Internet and Systems, Oct 2008, Tozeur, Tunisia. pp.31-41 CRiSIS |
Popis: | In order to effectively manage network resources and to serve different traffic needs, several works have been done in the QoS area. Basically, ldquomulti-field (MF) packet classifiersrdquo classify a packet by looking for multiple fields of the IP/TCP headers, recognize which flow the packet belongs to, and according to this information, provide service differentiation in IP networks. However, for security purposes, existing security protocols (such as the IPSec Encapsulating Security Payload (ESP) algorithm) hides much of this information in their encrypted payloads, preventing network control devices such as routers and switches from utilizing this information in performing classification appropriately. The ESPQ (ESP considered QoS) protocol deals with this problem but unfortunately, it has some security weaknesses. In this paper we present the ESPQ vulnerabilities and we propose EESP (Enhanced encapsulated security payload) as a security protocol that provides both security and QoS. |
Databáze: | OpenAIRE |
Externí odkaz: |