网络访问控制中自认证Internet协议的设计

2016 13th International Conference on Electrical Engineering/Electronics, Computer, Telecommunications and Information Technology (ECTI-CON) Pub Date : 2016-06-01 DOI:10.1109/ECTICON.2016.7561273

Parinya Thamthawornsakul, S. Sittichivapak

{"title":"网络访问控制中自认证Internet协议的设计","authors":"Parinya Thamthawornsakul, S. Sittichivapak","doi":"10.1109/ECTICON.2016.7561273","DOIUrl":null,"url":null,"abstract":"This paper presents an application of Internet Protocol Options for enhancing self-authenticated feature to the Internet Protocol. The options consist of Keyed-Hash Message Authentication Code and timestamp. In the network access control system, local network devices needing to access protected networks have to attach the options to packet header before sending to destination through a network access controller or commonly known as a gateway. Internet Protocol packets with options are verified on the gateway, the Keyed-Hash Message Authentication Code is used for checking integrity of data and the timestamp is used for replay attack mitigation. Packets passing all processes would be allowed to access to the protected networks. The design of self-authenticated Internet Protocol provides a protection of sending source spoofed packets from local network causing damage to other networks and also provides high reliability of source identification.","PeriodicalId":200661,"journal":{"name":"2016 13th International Conference on Electrical Engineering/Electronics, Computer, Telecommunications and Information Technology (ECTI-CON)","volume":"880 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"A design of self-authenticated Internet Protocol for Network Access Control\",\"authors\":\"Parinya Thamthawornsakul, S. Sittichivapak\",\"doi\":\"10.1109/ECTICON.2016.7561273\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper presents an application of Internet Protocol Options for enhancing self-authenticated feature to the Internet Protocol. The options consist of Keyed-Hash Message Authentication Code and timestamp. In the network access control system, local network devices needing to access protected networks have to attach the options to packet header before sending to destination through a network access controller or commonly known as a gateway. Internet Protocol packets with options are verified on the gateway, the Keyed-Hash Message Authentication Code is used for checking integrity of data and the timestamp is used for replay attack mitigation. Packets passing all processes would be allowed to access to the protected networks. The design of self-authenticated Internet Protocol provides a protection of sending source spoofed packets from local network causing damage to other networks and also provides high reliability of source identification.\",\"PeriodicalId\":200661,\"journal\":{\"name\":\"2016 13th International Conference on Electrical Engineering/Electronics, Computer, Telecommunications and Information Technology (ECTI-CON)\",\"volume\":\"880 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2016-06-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2016 13th International Conference on Electrical Engineering/Electronics, Computer, Telecommunications and Information Technology (ECTI-CON)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ECTICON.2016.7561273\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 13th International Conference on Electrical Engineering/Electronics, Computer, Telecommunications and Information Technology (ECTI-CON)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ECTICON.2016.7561273","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

提出了一种利用Internet协议选项增强Internet协议自认证特性的方法。选项包括密钥哈希消息验证码和时间戳。在网络访问控制系统中，需要访问受保护网络的本地网络设备在通过网络访问控制器或通常称为网关发送到目的地之前，必须将选项附加到数据包头。带选项的互联网协议数据包在网关上进行验证，密钥哈希消息认证码用于检查数据的完整性，时间戳用于减轻重放攻击。通过所有进程的数据包将被允许访问受保护的网络。Internet协议自认证的设计既保护了本地网络发送的源欺骗报文不会对其他网络造成损害，又提供了源识别的高可靠性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A design of self-authenticated Internet Protocol for Network Access Control

This paper presents an application of Internet Protocol Options for enhancing self-authenticated feature to the Internet Protocol. The options consist of Keyed-Hash Message Authentication Code and timestamp. In the network access control system, local network devices needing to access protected networks have to attach the options to packet header before sending to destination through a network access controller or commonly known as a gateway. Internet Protocol packets with options are verified on the gateway, the Keyed-Hash Message Authentication Code is used for checking integrity of data and the timestamp is used for replay attack mitigation. Packets passing all processes would be allowed to access to the protected networks. The design of self-authenticated Internet Protocol provides a protection of sending source spoofed packets from local network causing damage to other networks and also provides high reliability of source identification.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2016 13th International Conference on Electrical Engineering/Electronics, Computer, Telecommunications and Information Technology (ECTI-CON)

自引率

0.00%

发文量