Advertisement

Annales Des Télécommunications

, Volume 53, Issue 9–10, pp 377–388 | Cite as

La protection des communications sur les réseaux atm: le cas de l’interconnexion de réseaux privés atm distants

  • Maryline Laurent
  • Olivier Paul
  • Pierre Rolin
Article
  • 60 Downloads

Résumé

Dans un environnement de sitesAtm distants interconnecés par un réseau publicAtm, de nombreux problèmes de sécurité peuvent se poser comme le piratage d’un site depuis le réseau public, la mise sur écoute des communications voire leur brouillage. Cet article contribue sous trois formes à la résolution de ces problèmes de sécurite. Il présente une analyse détaillée des risques encourus par l’ utilisation de la technologieAtm. Il propose un état de l’art des techniques de protection des communicationsAtm qui s’appuie principalement sur les travaux menés par l’Atm Forum. Il décrit une nouvelle solution appelée Safe développée dans le cadre du projet Démostène. Safe réalise les fonctions de filtrage d’un pare-feu et assure simultanément la protection des communications passées sur le réseauAtm. L’idée forte de la solution Safe consiste à exploiter la signalisationAtm (Uni3.1) pour échanger des informations de sécurité au trovers du réseau. Cette idée a fait l’objet d’une implémentation et a été présentée à l’Atm Forum.

Mots clés

Réseau interconnecté Multiplexage asynchrone Protection information Sécurité Programme recherché 

Securing communications overAtm networks: the remoteAtm private networks interconnection example

Abstract

When remoteAtm sites communicate through anAtm public network, a number of security problems arise, such as hacking, eavesdropping and traffic tampering. This paper proposes three contributions to these security problems. Firstly, risks due toAtm technology usage are detailed. Secondly, a survey of existing techniques aiming at securingAtm communications is presented with emphasis on theAtm Forum’s security specifications. Thirdly, a new solution called Safe (which stands for Solution for anAtm Frequent communications Environment) developed in the Démostène project is described. Safe realizes both firewall’s filtering functions and communications protection over theAtm network. The main idea of Safe is to use signaling (Uni 3.1) as a means to exchange security information over the network. This idea has been implemented and introduced to theAtm Forum.

Key words

Interconnected network Atm Information protection Safety Research program 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. [AFSEC 1]
    ATM forum security working group, (Draft).Atm Forum 95–1473R5, Phase I ATM security specification, (October 1996).Google Scholar
  2. [AFSEC 2]
    ATM forum security working group, (Draft).Atm Security Specification Version 1.0, (February 1998).Google Scholar
  3. [Che94]
    Cheswick (W. R.), Bellovin (S. M.), Firewalls and Internet security, repelling the wily hacker,Addison-Wesley, (1994).Google Scholar
  4. [Chu96]
    Chuang (S. C.), SecuringAtm networks, Third Acm conference on computer and communication security, New Delhi, India, (March 1996).Google Scholar
  5. [Den95a]
    Deng (R. H.), Gong (L.), Lazar (A. A.), Securing data transfer in asynchronous transfer mode networks,Proceedings of Globecom’95, Singapore, pp. 1198–1202, (November 1995).Google Scholar
  6. [Den95b]
    Deng (R. H.), Gong (L.), Lazar (A. A.), Secure control and data transfer in asynchronous transfer mode networks,Technical Report TR95–189, Institute of Systems Science, National University of Singapore, (1995).Google Scholar
  7. [El196]
    Elloumi (O.), Afiti (H.), Bonjour (D.), TCP over non-existent IP forAtm networks,Proc. of the Seventh Joint European Networking Conference, (1996).Google Scholar
  8. [For95]
    Forné (J.), Recacha (E.), Soriano (M.), Melus (J. L.), The Cripto Project architecture: A Spanish experience in broadband networks security,Ieee International Conference on Communications (Icc’95), pp. 1551–1556, (June 1995).Google Scholar
  9. [I.321]
    Ccitt I.321,B-isdn protocol reference model and its applications, (1991).Google Scholar
  10. [I. 363]
    Uit-t I.363,B-isdn Atm adaptation layer (Aal) specification, (March 1993).Google Scholar
  11. [IEEE802.10a]
    Ieee 802. 10, Standard for Interoperable Local Area Network (Lan) Security (Sils), - Part A - The Model, draft, (December 1989).Google Scholar
  12. [IEEE802.10b]
    Ieee 802. 10, Standard for Interoperable Local Area Network (Lan) Security (Sils) - Part B - Secure Data Exchange, draft, (January 1990).Google Scholar
  13. [Lau97a]
    Laurent (M.), Rolin (P.), Stoffel (L.), Security mechanisms within control plane,Contribution Atm Forum, 97–0040, San Diego, California, (February 1997).Google Scholar
  14. [Lau97b]
    Laurent (M.), Paul (O.), Rolin (P.), Securing communications overAtm networks,Ifipsec ’97, Copenhagen, Denmark, (May 1997).Google Scholar
  15. [Lau97c]
    Laurent (M.), Protection des communications sur les réseauxAtm,Ph.d. thesis, Université de Rennes I, (July 1997).Google Scholar
  16. [Pau96]
    Paul (O.), Conception et implémentation d’un module de sécurité pour les réseauxAtm,Report Me -96001, Télécom Bretagne, (September 1996).Google Scholar
  17. [Rol94]
    Rolin (P.), Toutain (L.), Gombault (S.), Network security probe,2nd Acm Conference on Computer and Communications Security,AcmSiosac, Fairfax, Virginia, pp. 229–240, (November 1994).Google Scholar
  18. [Sam96]
    Samfat (D.), Architecture de sécurité pour réseaux mobiles,Ph.d. thesis, École Nationale Supérieure des Télécommunications, (January 1996).Google Scholar
  19. [SCAN]
    Iaik, Enstk, Inelcom, Robotiker,Pta,Scan secure communications inAtm networks, slides presentation at 10thActs Concertation meeting, Brussel, (May 1998) [On line],Http address: http://www. iaik. tu-graz. ac. at/research/Scan/documents/Acm10/sld00l.htm.Google Scholar
  20. [Sch94]
    Schneier (B.), Applied cryptography: protocols, algorithms, and source code in C, VolumeIsbn 0-471-59756-2,John Wiley & Sons, (1994).Google Scholar
  21. [Ste95]
    Stevenson (D.),Hillery (N.),Byrd (G.), Secure communications inAtm networks,Communications of the Acm,38, No 2, pp. 45–52, (February 1995).CrossRefGoogle Scholar
  22. [Tar96]
    Tarman (T. D.), Pierson (L. G.), Brenkosh (J. P.), Jennings (B. J.), Witzke (E. L.), Brazee (M.), Final report for the protocol extensions forAtm security laboratory directed research and development project,Sandia National Laboratories Report SAND96–0657, (March 96).Google Scholar
  23. [TFTEN]
    Neves (P.), Canada (R.), Workpackage 11, Security in ATM networks (version 3), (December 1996), [On line],Http address: http://www. dante. net/ten-34/tf-ten/tests/atm-sec/testplan. txt.Google Scholar
  24. [UNI3.1]
    Atm Forum,Atm User-network interface specification, version 3. 1, (1994).Google Scholar
  25. [Var97]
    Varadharajan (v.), Shankaran (R.), Hetchens (M.), Security issues in asynchronous transfer mode,Atmworks’97, New Zealand, (February 1997).Google Scholar
  26. [X800]
    Uit-T X. 800, Data communication networks; open systems interconnection (Osi); security, structure and applications. Security architecture for open systems interconnection forCcitt applications, (1991).Google Scholar

Copyright information

© Springer-Verlag 1998

Authors and Affiliations

  1. 1.DRET
  2. 2.ENST de BretagneCesson Sévigné CedexFrance
  3. 3.CNET-DS-SEVIssy les MoulineauxFrance

Personalised recommendations