Authenticated access to reserved network resources

Kenneth L. Calvert, Srinivasan Venkatraman, James N. Griffioen

Research output: Contribution to journalArticlepeer-review


Enhanced network services often involve preferential allocation of resources such as transmission capacity ("bandwidth") and buffer space to packets belonging to certain flows or traffic classes. Such services are vulnerable to denial-of-service attacks if access to those resources is granted based on information that can be forged, such as source and destination addresses and port numbers. Traditional message authentication codes (MACs) are not designed to solve this problem and have high per-packet processing costs. In this paper we propose a packet authentication algorithm specifically designed to solve the problem of protecting access to reserved network resources. We present measurements from a prototype implementation, and argue that our approach is a better solution for this problem than traditional MACs.

Original languageEnglish
Pages (from-to)54-64
Number of pages11
JournalInternational Journal of Network Security
Issue number1
StatePublished - 2006


  • Denial-of-service
  • Integrated services
  • Packet authentication
  • RSVP

ASJC Scopus subject areas

  • Computer Networks and Communications


Dive into the research topics of 'Authenticated access to reserved network resources'. Together they form a unique fingerprint.

Cite this