{"title":"基于高性能功能的网络的数据路径凭据","authors":"T. Wolf","doi":"10.1145/1477942.1477965","DOIUrl":null,"url":null,"abstract":"Capabilities-based networks present a fundamental shift in the security design of network architectures. Instead of permitting the transmission of packets from any source to any destination, routers deny forwarding by default. For a successful transmission, packets need to positively identify themselves and their permissions to the router. The analysis of the data path credentials data structure that we propose shows that as few as 128 bits are sufficient to reduce the probability of unauthorized traffic reaching its destination to a fraction of a percent.","PeriodicalId":329300,"journal":{"name":"Symposium on Architectures for Networking and Communications Systems","volume":"52 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2008-11-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"32","resultStr":"{\"title\":\"Data path credentials for high-performance capabilities-based networks\",\"authors\":\"T. Wolf\",\"doi\":\"10.1145/1477942.1477965\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Capabilities-based networks present a fundamental shift in the security design of network architectures. Instead of permitting the transmission of packets from any source to any destination, routers deny forwarding by default. For a successful transmission, packets need to positively identify themselves and their permissions to the router. The analysis of the data path credentials data structure that we propose shows that as few as 128 bits are sufficient to reduce the probability of unauthorized traffic reaching its destination to a fraction of a percent.\",\"PeriodicalId\":329300,\"journal\":{\"name\":\"Symposium on Architectures for Networking and Communications Systems\",\"volume\":\"52 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2008-11-06\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"32\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Symposium on Architectures for Networking and Communications Systems\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/1477942.1477965\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Symposium on Architectures for Networking and Communications Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/1477942.1477965","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Data path credentials for high-performance capabilities-based networks
Capabilities-based networks present a fundamental shift in the security design of network architectures. Instead of permitting the transmission of packets from any source to any destination, routers deny forwarding by default. For a successful transmission, packets need to positively identify themselves and their permissions to the router. The analysis of the data path credentials data structure that we propose shows that as few as 128 bits are sufficient to reduce the probability of unauthorized traffic reaching its destination to a fraction of a percent.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
