论文信息 - An integrated security scheme for ID/locator split architecture of future network

An integrated security scheme for ID/locator split architecture of future network

For the sake of better scalability and flexibility in the mobile and multihoming environments, future networks are expected to be based on the concept of ID/locator split. The ID/locator split architectures require storing, updating and retrieving of ID/locator mappings frequently, for which they need built-in security. To address this issue, this paper presents an integrated security scheme for securely storing, updating and retrieving hostnames to IDs and locators mapping records in two layers of name registries: domain name registries and host name registries. It then utilizes the mapping records retrieved from the registries for securing the network access, communication sessions, and mobility management functions. The scheme provides comprehensive protection of the ID/locator split architecture through an effective combination of asymmetric and symmetric cryptographic functions.

Hiroaki Harai | Ruidong Li | Ved P. Kafle | Daisuke Inoue

[1] Ved P. Kafle,et al. HIMALIS: Heterogeneity Inclusion and Mobility Adaptation through Locator ID Separation in New Generation Network , 2010, IEICE Trans. Commun..

[2] Brian Wellington,et al. Secret Key Transaction Authentication for DNS (TSIG) , 2000, RFC.

[3] Ved P. Kafle,et al. An ID/locator split architecture for future networks , 2010, IEEE Communications Magazine.

[4] Dino Farinacci,et al. The Locator/ID Separation Protocol (LISP) , 2009, RFC.

[5] Marcelo Bagnulo,et al. Shim6: Level 3 Multihoming Shim Protocol for IPv6 , 2009, RFC.

[6] Scott Rose,et al. Resource Records for the DNS Security Extensions , 2005, RFC.

[7] Cheryl Madson,et al. The Use of HMAC-SHA-1-96 within ESP and AH , 1998, RFC.

[8] Pekka Nikander,et al. Host Identity Protocol , 2005 .

[9] Yakov Rekhter,et al. Dynamic Updates in the Domain Name System (DNS UPDATE) , 1997, RFC.