Research Article
A security framework for service overlay networks: Access control
@INPROCEEDINGS{10.1109/BROADNETS.2008.4769117, author={Jinu Kurian and Kamil Sarac}, title={A security framework for service overlay networks: Access control}, proceedings={5th International ICST Conference on Broadband Communications, Networks, and Systems}, publisher={IEEE}, proceedings_a={BROADNETS}, year={2010}, month={5}, keywords={}, doi={10.1109/BROADNETS.2008.4769117} }- Jinu Kurian
Kamil Sarac
Year: 2010
A security framework for service overlay networks: Access control
BROADNETS
IEEE
DOI: 10.1109/BROADNETS.2008.4769117
Abstract
Service overlay networks (SONs) have recently been proposed to support various value-added services including multicast, resilient routing, QoS support, and DoS resistant communication in the Internet. Access control plays an important role for various SON applications yet most SON proposals do not consider access control or assume that it is a pre-existing service. The lack of a proper access control mechanism may introduce security or efficiency problems for various SON applications. In this paper, we present a scalable, distributed access control scheme with very low state information required to be maintained at the SON nodes. Using this service, a SON access node can decide if an end userpsilas traffic should be accepted into the SON overlay for processing and forwarding towards its intended destination. We present our scheme and evaluate it via a combination of formal verification, security analysis, and an experimental evaluation work on its practicality.
