An architectural framework for data link layer security with security inter-layering

Conference Proceedings - IEEE SOUTHEASTCON

Volumn , Issue , 2007, Pages 607-614

  Altunbasak, Hayriye ^a   Owen, Henry ^b  

^a Scientific Atlanta Inc   (United States)

^b GEORGIA INSTITUTE OF TECHNOLOGY   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

COMPUTER NETWORKS; ETHERNET; INTERNET PROTOCOLS; MEDIUM ACCESS CONTROL; OPTICAL LINKS;

DATA LINK LAYER; NETWORK DEVICES; NETWORK LAYERS;

NETWORK SECURITY;

EID: 34547663065     PISSN: 10910050     EISSN: 1558058X     Source Type: Conference Proceeding    
DOI: 10.1109/SECON.2007.342975     Document Type: Conference Paper

References (27)

1. IEEE P802.1AE Standard for Local and Metropolitan Area Networks: Media Access Control (MAC) Security, January 2006, IEEE Working Draft, D5.1. [Online]. Available: www.ieee802.org/1/files/private/ae-drafts/d5/802-1ae-d5-1. pdf
2. "IEEE 802.1AE-Media Access Control (MAC) Security," July 2006, [Online]. Available: http://www.ieee802.org/1/pages/802.1.ae.html.
3. C. Howard, "Layer 2 - The weakest link: Security considerations at the Data Link Layer," PACKET, vol. 15, no. 1, First Quarter 2003.
4. H. Altunbasak, S. Krasser, H. L. Owen, J. Grimminger, H.-P. Huth, and J. Sokol, "Securing Layer 2 in Local Area Networks," in ICN, vol. 2, Reunion, France, April 2005, pp. 699-706.
5. H. Altunbasak, S. Krasser, H. Owen, J. Sokol, J. Grimminger, and H.-P. Huth, "Addressing the weak link between Layer 2 and Layer 3 in the Internet architecture," in Proc. of the 29th Annual IEEE Conference on Local Computer Networks (LCN), Tampa, Florida, November 2004.
6. IEEE Std 802.11i, Amendment to IEEE Std 802.11 Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) specifications: Medium Access Control (MAC) Security Enhancements, June 2004.
7. T. Karygiannis and L. Owens, Wireless Network Security 802.11, Bluetooth and Handheld Devices, November 2002, Special Publication 800-48, Recommendations of the National Institute of Standards and Technology. [Online]. Available: http://csrc.nist.gov/publications/nistpubs/800-48/NIST SP 800-48.pdf.
8. D. C. Plummer, "Ethernet Address Resolution Protocol: Or converting network protocol addresses to 48.bit Ethernet address for transmission on Ethernet hardware," IETF RFC 826, November 1982.
9. S. Kent and R. Atkinson, IP Authentication Header, Nov. 1998, RFC 2402. [Online]. Available: http://www.ietf.org/rfc/rfc2402.txt.
10. Stephen Kent and Randall Atkinson, IP Encapsulating Security Payload (ESP), Nov. 1998, RFC 2406. [Online]. Available: http://www.ietf.org/rfc/ rfc2406.txt.
11. "NISCC vulnerability advisory IPSEC - 004033," May 2005, [Online]. Available: http://www.niscc.gov.uk/niscc/docs/al-20050509-00386. html?lang=en.
12. P. Nikander, J. Laganier, and F. Dupont, "A Non-Routable IPv6 Prefix for Keyed Hash Identifiers (KHI)," Network Working Group Internet Draft, September 2005. [Online]. Available: http://tools.ietf.org/wg/ipv6/draft- laganieripv6-khi-00.txt.
13. Donald E. Eastlake, "RSA/SHA-1 SIGs and RSA KEYs in the Domain Name system (dns)," IETF RFC 3110, May 2001. [Online]. Available: http://www.ietf.org/rfc/rfc3110.txt.
14. IEEE 802.1X-2001 IEEE Standards for Local and Metropolitan Area Networks: Port-Based Network Access Control (EAPOL), 2001.
15. R. Moskowitz, P. Nikander, P. Jokela, and T. R. Henderson, "Host Identity Protocol," Internet draft, March 2006, work in progress. [Online]. Available: http://www.ietf.org/intemetdrafts/draft-ietf-hip-base-05.txt.
16. W. Aiello, S. M. Bellovin, M. Blaze, J. Ioannidis, O. Reingold, R. Canetti, and A. D. Keromytis, "Efficient, dosresistant, secure key exchange for internet protocols," in CCS '02: Proceedings of the 9th ACM conference on Computer and communications security. New York, NY, USA: ACM Press, 2002, pp. 48-58.
17. H. Krawczyk, "SIGMA: The 'SIGn-and-MAc' approach to authenticated Diffie-Hellman and its use in the IKE protocols," Lecture Notes in Computer Science, vol. 2729, pp. 400-425, Oct. 2003.
18. K. J. Houle and G. M. Weaver, Trends in Denial of Service Attack Technology, October 2001. [Online]. Available: http://www.cert.org/archive/ pdf/DoS trends.pdf.
19. T. Aura, P. Nikander, and J. Leiwo, "Dos-resistant authentication with client puzzles," in Revised Papers from the 8th International Workshop on Security Protocols. London, UK: Springer-Verlag, 2001, pp. 170-177.
20. D. Dean and A. Stubblefield, "Using client puzzles to protect tls," in 10th Annual USENIXSecurity Symposium, 2001.
21. D. B. Faria and D. R. Cheriton, "Dos and authentication in wireless public access networks," in WiSE '02: Proceedings of the 3rd ACM workshop on Wireless security. New York, NY, USA: ACM Press, 2002, pp. 47-56.
22. M. Handley and A. Greenhalgh, "Steps towards a dosresistant internet architecture," in FDNA '04: Proceedings of the ACM SIGCOMM workshop on Future directions in network architecture. New York, NY, USA: ACM Press, 2004, pp. 49-56.
23. X. Wang and M. K. Reiter, "Mitigating bandwidth exhaustion attacks using congestion puzzles," in CCS '04: Proceedings of the 11th ACM conference on Computer and communications security. New York, NY, USA: ACM Press, 2004, pp. 257-267.
24. B. Waters, A. Juels, J. A. Halderman, and E. W. Felten, "New client puzzle outsourcing techniques for dos resistance," in Proceedings of the 11th ACM conference on Computer and communications security. ACM Press, 2004, pp. 246-256. [Online]. Available: www.cs.princeton.edu/jhalderm/papers/ ccs2004.pdf.
25. Advanced Encryption Standard (AES), November 2001, FIPS 197. [Online]. Available: http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf.
26. D. Whiting, R. Housley, and N. Ferguson, Counter with CBC-MAC (CCM), September 2003, RFC3610. [Online]. Available: http://www.faqs.org/ rfcs/rfc3610.html.
27. A. J. Menezes, P. C. van Oorschot, and S. A. Vanstone, Handbook of Applied Cryptography. CRC Press, 1997.