Authenticated access to reserved network resources

Kenneth L. Calvert, Srinivasan Venkatraman, James N. Griffioen

Research output: Contribution to journalArticlepeer-review

Abstract

Enhanced network services often involve preferential allocation of resources such as transmission capacity ("bandwidth") and buffer space to packets belonging to certain flows or traffic classes. Such services are vulnerable to denial-of-service attacks if access to those resources is granted based on information that can be forged, such as source and destination addresses and port numbers. Traditional message authentication codes (MACs) are not designed to solve this problem and have high per-packet processing costs. In this paper we propose a packet authentication algorithm specifically designed to solve the problem of protecting access to reserved network resources. We present measurements from a prototype implementation, and argue that our approach is a better solution for this problem than traditional MACs.

Original languageEnglish
Pages (from-to)54-64
Number of pages11
JournalInternational Journal of Network Security
Volume3
Issue number1
StatePublished - 2006

Keywords

  • Denial-of-service
  • Integrated services
  • Packet authentication
  • RSVP

ASJC Scopus subject areas

  • Computer Networks and Communications

Fingerprint

Dive into the research topics of 'Authenticated access to reserved network resources'. Together they form a unique fingerprint.

Cite this