An Integrated Approach for Security on Demand in High Speed, Shared Use Networks

Abstract

This dissertation presents a user level security on demand system, resulting from an integration of a fundamental framework for network security with the fundamental and unique characteristics of Asynchronous Transfer Mode (ATM) networks. The framework offers a conceptual structure encapsulating the fundamental knowledge and set of relationships in network security, permitting systematic and scientific reasoning about network security. The changing nature of networks from a set of unconnected entities, controlled and used by a specific class of users, to an increasingly interconnected and integrated, mixed use, set of networks, simultaneously shared by different classes of users, requires a mechanism to enable these mixed use networks to meet the diverse security requirements of all users. The framework, developed as a part of this dissertation, provides the ability for all user groups, such as the military, government, industry and academia, to define their security requirements within its context and enable the framework, when integrated into an ATM network, to provide a template for matching network security resources to individual user requirements. The user level aspect of the security system is unique and is enabled by the ATM network's call setup process. In this approach, during the call setup phase, the security posture of every node and link is computed, utilizing the security framework. When the system configures a virtual path from source to destination, every node and link is verified to meet the user specified security, in addition to bandwidth and other quality of service (QoS) requirements. Traffic is launched when the call setup succeeds, otherwise, the call fails. Thus, the approach is consistent with the basic characteristics of ATM networks, offering comprehensive security while viewing security as a distributed network resource, allocating it to each user efficiently, based on demand and dictated by the need.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
May 01, 1999
Accession Number
ADA363245

Entities

People

  • Henry Jerry Schumacher

Organizations

  • Arizona State University

Tags

Communities of Interest

  • Cyber
  • Energy and Power Technologies
  • Ground and Sea Platforms

DTIC Thesaurus Topics

  • Computational Science
  • Computer Access Control
  • Computer Network Security
  • Computer Networks
  • Computer Programming
  • Computer Science
  • Computers
  • Cryptography
  • Cybersecurity
  • Data Transmission
  • Governments
  • Information Systems
  • National Security
  • Network Architecture
  • Network Protocols
  • Network Science
  • Risk Analysis

Fields of Study

  • Computer science

Readers

  • Computer Networking
  • Cybersecurity.
  • Theoretical Analysis.

Technology Areas

  • Cyber