Abstract
Dynamic Host Configuration Protocol(DHCP) allows the terminals to have IP address for their introduction in to the network. In this paper, a secure DHCP system is proposed, not only for user authentication but also for addressing the other security issues like confidentiality, integrity and privacy. Proposed S-DHCP, makes use of the users legitimate right for an IP address such that legitimate user on a particular terminal can exercise it’s right to get allocated and use an IP address from S-DHCP. Thus S-DHCP protects unauthenticated and unauthorized access of confidential informationat one hand which keeping their integrity intact in a private mode from within the network to the outside world over Internet. Simulation and preventing the fabrication of IP addresses and MAC addresses leading to unauthorized access control is difficult and our effort is to incorporate session-ID for user authentication without any modification on DHCP client to produce the desired result.This paper attempts to introduce proposed S-DHCP, its principle, to plug vulnerabilities and other efforts on optimization over the design of protocols in a secured environment.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Wellington, B.: RFC 3007, Secure Domain Name System(DNS) Dynamic updates, Internet Engineering Task Force (November 2000)
Ramaswamy, C., Scoot, R.: Secure Domain Name System(DNS) Deploying Guide, Draft National Institute of Standards and Technology. NIST Special Publication 800-81, April 11 (2005)
Robert, J.: Dynamic DNS and Location Tracking Risks and Benefits, Craic comuting Technical report (2006)
Yasmin, S., Yousaf, M., Qayyum, A.: Security Issues Related with DNS Dynamic Updates for Mobile Nodes: A Survey. In: FIT 2010, Islamabad, Pakistan, December 21-23 (2010)
Perkins, C., Luo, K.: Using DHCP with computers that move. Wireless Networks (March 1995)
Komori, T., Satio, T.: The Secure DHCP systems with User Authentication. In: Proceedings of the 27th Annual IEEE Conference on Local Computer Networks, LCN 2002, November 6-8, pp. 123–131 (2000)
Droms, R., Arbaugh, W.: Authentication for DHCP Messages, RFC 3118, IETF (June 2001)
Drach, S.: DHCP option for open GroupÅ› User Authentication Protocol, RFC 2485, IETF (January 1999)
Kent, S., Atkinson, R.: Security Architecture for the Internet Protocol, RFC 2401, IETF (November 1998)
Demerjian, J., Serhrouchni, A.: EDHCP: Extended Dynamic Host Configuration protocol (2004), doi:0-7803-8482-2/04/IEEE
Jonsson, J., Kaliski, B.: Public-Key cryptography Standards (PKCS) 1: RSA Cryptography Specification Version 2.1, RFC 3447, IETF (February 2003)
ITU-T Recommendations(a) X.509, Information technology Open System Interconnection The Directory: Authentication Frameworks (1997)
ITU-T Recommendations (b) X.509, Information technology Open System Interconnection The Directory: Public Key and attribute Certificate Frameworks (2000)
Ishibashi, H., Yamai, N., Abe, K., Ohnishi, K., Matsuura: A Protection method against Unauthorized access and /or Address Spoofing for open network Access Systems. Journal of Information Processing Society of Japan 40(12), 4335–4361 (1999)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Srivastava, A.K., Misra, A.K. (2012). Plugging DHCP Security Holes Using S-DHCP. In: Meghanathan, N., Nagamalai, D., Chaki, N. (eds) Advances in Computing and Information Technology. Advances in Intelligent Systems and Computing, vol 176. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-31513-8_23
Download citation
DOI: https://doi.org/10.1007/978-3-642-31513-8_23
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-31512-1
Online ISBN: 978-3-642-31513-8
eBook Packages: EngineeringEngineering (R0)