The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Multicast networking support is becoming an increasingly important future technology area for group-based applications. Although the deployment of multicast networks has been picking up, the area of multicast security has not received much attention. The few proposals for securing multicast communication do not address the unique requirements arising from the multicast group communication model. Integrating...
The paper proposes an identity-based aggregate path verification protocol (IBAPV) to provide authenticity for route announcements in the border gateway protocol (BGP) with a more efficient and easily deployed identity-based aggregate signature scheme instead of certificate-based scheme, which leads to performance and deployment matters of current proposals. Because in the identity-based cryptographic...
This paper presents a trust-based model for secure network admission and trustworthy routing. Firstly, a dynamic routing trust model based on trust relationship and routing behaviors is brought forward. The model not only supports trust network connection, but also gives a comprehensive assessment to the network security and efficiency affected by router access according to routers' interactive behaviors...
Naming and addressing are important issues for next generation Internet (NGI). In this paper, we discuss a new mobility and multihoming supporting identifier locator split architecture (MILSA). There are three main contributions of our solution. First, we separate trust relationships (realms) from connectivity (zones). A hierarchical identifier system for the realms and a Realm Zone Bridging Server...
Military communications currently require secure end-to-end, resilient connectivity via multi-homed connections, and need to support both mobile hosts and mobile networks. Today, such functions are possible to some degree, but the functions are not harmonised. Standards that support these functions were designed independently and implemented in isolation. So, achieving converged capabilities for optimal...
With the significant development of wireless technologies, vehicular ad-hoc network (VANET) has gradually become the killing application for automobile industry. Many VANET systems have been developed in recent years. However, the majority of them have the assumption that all or most vehicles have wireless communication devices installed along with an elaborate road side infrastructure. This assumption...
We investigate the bootstrapping of policy-based access control in a deny-by-default mission-critical MANET. In the absence of any initial policies, a deny-by-default system fundamentally prevents all traffic flow. Providing all policies prior to deployment assumes advanced knowledge of all possible future scenarios - an assumption that is often unrealistic in practice; furthermore, policies may change...
The demand for group communications to supply a same service to customer is increasing lately, and thus the support for group oriented multicast service is necessary. For this, an internet accepts IP multicast as a standard protocol. IP multicast can increase network efficiency by decreasing unneeded data stream with the help of network replication model, but its security is weak since it uses opened...
Tunneling techniques such as configured tunnel, 6to4, ISATAP and Teredo are common mechanisms in the early deployment of IPv6 to connect between two isolated IPv6 LANs or hosts by using the IPv4 infrastructure. We focused on Teredo tunnel as it allows users behind NATs to obtain IPv6 connectivity. Teredo tunnel has been designed to encapsulate IPv6 packet in UDP using IPv6-in-UDPin-IPv4 technology...
The rapid proliferation of Internet and related technologies has created tremendous possibilities for the interoperability between domains in distributed environments. Interoperability does not come easy at it opens the way for several security and privacy breaches. In this paper, we focus on the distributed authorization discovery problem that is crucial to enable secure interoperability. We present...
This paper presents new, universal, scalable network architecture, called USA, which resolves the growing tensions between the Internet architecture and routing infrastructure. USA separates the identity of end host from its location and adopts name-based addressing to achieve the end-to-end communication. USA also isolates the address space of end sites from core Internet. Each end site possesses...
With the increasing demand of ubiquitous computing, the interconnection of mobile ad hoc networks (MANETs) to Internet is also getting attractive, which is so-called hybrid or connected MANET. In MANET paradigm, routing is a challenging task due to mobility and the resulting inherent dynamic network topology. In many applications, multipath routing scheme is favorable than single-path routing due...
In this article, we propose a general-purpose disaster support system based on generalized (multiplicatively-weighted order-k Minkowski-metric) Voronoi diagrams. The proposed system is capable of handling disasters (or emergency units) having different weights in the complete order from 1 to k in the three popular Minkowski metrics (Euclidean, Manhattan and Maximum distance space). The proposed model...
Todaypsilas Internet architecture faces many challenges, especially the poor support for security and universal services. By analyzing the drawbacks of current TCP/IP protocol and related research schemes such as HIP and FARA, we propose a trustworthy universal network architecture model LISNA, which is based on locator/identity split. LISNA defines the network architecture by introducing a new kind...
Ubiquitous computing systems typically have lots of security problems in the area of service supply. The service types and levels, the security delegation of services and the identity hiding of principal etc are all these unsolved problems. In this paper, UCSMssp, a new novel ubiquitous computing service model based on SPKI/SDSI and P2P is presented. SPKI-based authorization is exploited in UCSMssp...
Network accountability and forensic analysis have become increasingly important, as a means of performing network diagnostics, identifying malicious nodes, enforcing trust management policies, and imposing diverse billing over the Internet. This has led to a series of work to provide better network support for accountability, and efficient mechanisms to trace packets and information flows through...
The continued explosion of new virus/worm and other security attacks in the Internet and the tremendous propagation speed of self-propagating attacks has led to network security being considered as a design criterion rather than an afterthought. Attack prevention, detection, and mitigation mechanisms can be broadly classified as network based or host based. Network based security mechanisms have been...
In this paper, we propose a secure embedded gateway system for a wireless sensor network that provides secure wireless and wire communication channels for wireless sensor nodes and applications in the Internet, respectively. It also has security functions such as key management, access control and secure wireless network configuration for wireless sensor nodes and secure query process for its applications...
While it is widely understood that criminal miscreants are subverting large numbers of Internet-connected computers (e.g., for bots, spyware, SPAM forwarding), it is less well appreciated that Internet routers are also being actively targeted and compromised. Indeed, due to its central role in end-to-end communication, a compromised router can be leveraged to empower a wide range of direct attacks...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.