Abstract
This paper proposes a new approach to provide security for MPLS multicast networks. The proposed work is based on the (k, k) Threshold Sharing Scheme (TSS), which protects the confidentiality of IP multicast packets transmitted through MPLS networks. The receivers of a multicast session can reconstruct the original traffic from the k trees available. Therefore, an attacker must tap all k trees to be able to reconstruct the original IP multicast packets that are being transmitted, while attacking k − 1 or fewer of these trees makes it hard or even impossible to reconstruct the original IP multicast packets. Our proposed work can also provide protection against IP spoofing attacks. Moreover, our objective is also to minimize bandwidth overhead.
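The (k, k) property described in the abstract, as an added example that is not the paper's own construction: it assumes Shamir's polynomial scheme over GF(257) with one share stream per multicast tree, and the function names and sample payload are constructed for illustration. It sends k full-size streams and does not attempt the bandwidth minimization the paper aims for.

```python
import secrets

P = 257  # smallest prime above 255: every payload byte is a field element

def split_byte(secret, k):
    """(k, k) split of one byte: share i is f(i), f random of degree k-1, f(0) = secret."""
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(k - 1)]
    return [sum(c * pow(x, i, P) for i, c in enumerate(coeffs)) % P
            for x in range(1, k + 1)]

def recover_byte(points):
    """Lagrange interpolation at x = 0 over GF(P); points are (x, y) pairs."""
    total = 0
    for j, (xj, yj) in enumerate(points):
        num = den = 1
        for m, (xm, _) in enumerate(points):
            if m != j:
                num = num * -xm % P
                den = den * (xj - xm) % P
        total = (total + yj * num * pow(den, -1, P)) % P
    return total

def split_packet(payload, k):
    """Return {tree_id: share stream}; tree_id 1..k doubles as the x coordinate.
    Share symbols range over 0..256, so each needs 9 bits on the wire."""
    columns = [split_byte(b, k) for b in payload]
    return {x: [col[x - 1] for col in columns] for x in range(1, k + 1)}

def recover_packet(streams):
    """Rebuild the payload from the share streams of all k trees."""
    xs = sorted(streams)
    return bytes(recover_byte([(x, streams[x][n]) for x in xs])
                 for n in range(len(streams[xs[0]])))

def candidates_with_one_tree_missing(streams, missing_x, n=0):
    """Values of symbol n that stay consistent with only k-1 tapped trees."""
    known = [(x, s[n]) for x, s in streams.items()]
    return {recover_byte(known + [(missing_x, y)]) for y in range(P)}

if __name__ == "__main__":
    payload = b"constructed multicast payload"  # constructed sample input
    trees = split_packet(payload, k=3)
    assert recover_packet(trees) == payload
    tapped = {x: s for x, s in trees.items() if x != 3}  # trees 1 and 2 only
    # Every field value remains possible, so k-1 trees reveal nothing.
    print(len(candidates_with_one_tree_missing(tapped, missing_x=3)))
```

With one tree missing, each possible value of the unseen share maps to a different secret, so every byte value stays equally likely to an observer of k − 1 trees.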
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Alouneh, S., Agarwal, A., En-Nouaary, A. (2008). A New Approach for Security in MPLS Multicast Networks. In: Parashar, M., Aggarwal, S.K. (eds) Distributed Computing and Internet Technology. ICDCIT 2008. Lecture Notes in Computer Science, vol 5375. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-89737-8_7
DOI: https://doi.org/10.1007/978-3-540-89737-8_7
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-89736-1
Online ISBN: 978-3-540-89737-8
eBook Packages: Computer Science, Computer Science (R0)