Validation of the PCN Concept: Mobility, Traffic Flow Confidentiality and Protection Against Directed Attacks

Abstract

Protected Core Networking (PCN) is an approach that aims to provide a highly flexible networking environment that, even in the case of directed attacks against the communications infrastructure, ensures continued operation of critical communications. To verify that the PCN concept provides the expected benefits, a proof-of-concept prototype was developed. This paper will focus on three areas from the prototyping work; Mobility of coloured clouds, mechanisms for Traffic Flow Confidentiality (TFC) and the capability of a network built on PCN principles to withstand directed attacks. Coloured clouds (CCs) are the users in the network, typically being a part of an information infrastructure confidentiality-protected by an IP-crypto. An important aspect, in Network Enabled Capability environments, is flexibility in terms of mobility of the CCs. An analysis of encrypted traffic flows, looking at sizes and intervals of packets etc, between CCs can reveal important information of the communication like type of traffic and chain-of-command. TFC-mechanisms provide measures against analysis of traffic flows. Directed attacks on a network with the intention to lower the capacity of the infrastructure, thereby hindering important information to reach its destination, is addressed by ensuring that only authorized entities can send traffic at a pre-agreed maximum rate on the network. This paper will describe how the functionality was implemented in a prototype and further present the results from an experiment where the prototype was used in a simulated operational setting.

Document Details

Document Type

Technical Report

Publication Date

Nov 01, 2010

Accession Number

ADA584042

Entities

Tags