A Node Identity Internetworking Architecture

The Internet consists of independent networks that belong to different administrative domains and vary in scope from personal area networks, private home networks and corporate networks to ISP and global operator networks. These networks may employ different technologies, communication media and addressing realms, and may have widely different capabilities. The coming years will add a significant level of dynamic behavior, such as mobile nodes and moving networks, which the Internet must support. At the same time, there is a need to address the increasing levels of harmful traffic and denial-of-service attacks. The existing Internet architecture does not support dynamic behavior or secure communication to a sufficient degree. This paper outlines a node-identity-based internetworking architecture that allows heterogeneous networks to work together without loss of functionality. Some of the techniques employed in this architecture include reliance on cryptographic node identifiers, identity routers and localized addressing realms.
