By Topic

Network, IEEE

Issue 3 • Date May-June 1997

Filter Results

Displaying Results 1 - 7 of 7
  • Network And Internet Security (Guest Editorial)

    Page(s): 11
    Save to Project icon | Request Permissions | PDF file iconPDF (154 KB)  
    Freely Available from IEEE
  • Merging and extending the PGP and PEM trust models-the ICE-TEL trust model

    Page(s): 16 - 24
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (2048 KB)  

    The ICE-TEL project is a pan-European project which is building an Internet X.509-based certification infrastructure throughout Europe plus several secure applications that will use it. This article describes the trust model being implemented by the project. A trust model specifies the means by which a user may build trust in the assertion that a remote user is really who he purports to be (authentication) and that he does in fact, have a right to access the service or information he is requesting (authorization). The ICE-TEL trust model is based on a merging of and extensions to the existing pretty good privacy (PGP) web of trust and privacy-enhanced mail (PEM) hierarchy of trust models, and is called a web of hierarchies trust model. The web of hierarchies model has significant advantages over both previous models, and these are highlighted. The article further describes the way the trust model is enforced through some of the new extensions in the X.509 V3 certificates, and gives examples of its use in different scenarios View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Asynchronous transfer mode security

    Page(s): 34 - 40
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (912 KB)  

    It is envisioned that asynchronous transfer mode (ATM) will provide scalable and high-performance application-independent security services. The ATM Forum Security Working Group is currently developing its phase one security specification, which defines a number of security services for the ATM user plane and control plane. In addition, mechanisms for carrying security-related messages and required security infrastructure mechanisms are also being defined. These mechanisms will allow an organization to build an ATM network which not only meets its performance objectives, but also its information protection requirements as specified in its site security policy. This article provides an overview of ATM security as specified by the ATM Forum Security Working Group. First, the ATM user and control planes' security services and mechanisms are described. Then the security messaging mechanisms at connection establishment and during the connection lifetime phases are discussed View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Security issues in all-optical networks

    Page(s): 42 - 48
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (916 KB)  

    All-optical networks are emerging as a promising technology for terabit per second class communications. However, they are intrinsically different from electro-optical networks, particularly because they do not regenerate signals in the network. The characteristics of all-optical network components and architectures manifest new and still unstudied security vulnerabilities but also offer a new array of possible countermeasures. We focus on two types of attacks on the physical security of the network: service disruption, which prevents communication or degrades quality of service (QoS), and tapping, which compromises privacy by providing unauthorized users access to data which may be used for eavesdropping or traffic analysis View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Key derivation for network management applications

    Page(s): 26 - 29
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (452 KB)  

    This article describes a key derivation method that greatly simplifies key distribution issues for network management (NM) applications and may in some cases relieve NM stations from the need to store any keys at all. This method is easily generalized for network protocols and applications where several “masters” need to talk to a large number of “slaves”. It shows a way to cut down on the amount of keys stored with little impact on security. This is especially important when human users are involved View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • The changing environment for security protocols

    Page(s): 12 - 15
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (624 KB)  

    The systematic study of security protocols started, as far as the public literature is concerned, almost 20 years ago. A paper by M.D. Schroeder and the present writer may be taken as a specimen; it was written in 1977 and published in 1978. It was, of course, written against the background of the technology of the time and made various assumptions about the organizational context in which its techniques would be used. The substantial research literature that has since appeared has, by and large, made similar assumptions about the technological organizational environments. Those environments have in fact changed very considerably, and the purpose of this article is to consider whether the changes should affect our approach to security problems. It turns out that where confidentiality is concerned, as distinct from authenticity and integrity, there is indeed a new range of options View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Security-enhanced mailing lists

    Page(s): 30 - 33
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (440 KB)  

    The Computer Center at the Technical University of Berlin (PRZ) has developed a security-enhanced mail exploder. It uses the well-known technology of public key cryptography to improve confidentiality and authenticity of a mailing list. One of the design goals was ease of use. No participant of a secure mailing list needs to know a public key of any other member; all a sender has to know is the public key of the mailing list. In this scheme PRZ gets the clear text of the message before it is distributed to the members of the mailing list. This article discusses several possibilities to improve the confidentiality by omitting the clear text phase. The goal is for PRZ to be able to forward the mail but not read it View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.

Aims & Scope

IEEE Network covers topics which include: network protocols and architecture; protocol design and validation; communications software; network control, signaling and management; network implementation (LAN, MAN, WAN); and micro-to-host communications.

Full Aims & Scope

Meet Our Editors

Editor-in-Chief
Xuemin (Sherman) Shen, PhD
Engineering University of Waterloo