Securing virtual private LAN service by efficient key management

Virtual private local area network service (VPLS) is a layer 2 service provider-provisioned virtual private network service. Security is one of the key system requirements of a VPLS because it delivers frames over an untrusted network. Several VPLS architectures have been proposed in recent years. However, many of them do not provide a sufficient level of security. The existing secure VPLS architectures, on the other hand, suffer from scalability issues and are infeasible to implement in large-scale networks.
