PL EN


Preferencje help
Widoczny [Schowaj] Abstrakt
Liczba wyników
Tytuł artykułu

Authentication over Internet Protocol

Treść / Zawartość
Identyfikatory
Warianty tytułu
Języki publikacji
EN
Abstrakty
EN
Defending against DoS (denial of service) attacks has become a great challenge, especially for institutions that provide access to their services in the public network. State-of-the-art identity concealing tools and vast number of computers connected to the network require ensuring appropriate means for entities at risk to enable defence from the particular type of threats. This article presents a concept of user authentication in IP communication. The concept consists in providing the receiver with the possibility to determine sender՚s identity at the Internet layer level. This provides both the capability of defence against DoS attacks and possibility of utilizing the presented model over existing Internet network, which is directly responsible for transmission. The authors hope that the concept is a significant step in the perception of public network data transmission.
Rocznik
Strony
245--253
Opis fizyczny
Bibliogr. 31 poz., rys., tab.
Twórcy
  • Institute of Technology, Department of Computer Science, Kazimierz Wielki University, Poland
  • Institute of Technology, Department of Computer Science, Kazimierz Wielki University, Poland
  • Institute of Technology, Department of Computer Science, Kazimierz Wielki University, Poland
autor
  • Institute of Technology, Department of Computer Science, Kazimierz Wielki University, Poland
autor
  • Prof. Stepan Gzhytsky National University of Veterinary Medicine and Biotechnologies Lviv, Ukraine
autor
  • University of Information Technology and Managment Copernicus, ul. Inowrocławska 56, 53-648 Wrocław, Poland
  • Institute of Technology, Department of Computer Science, Kazimierz Wielki University, Poland
Bibliografia
  • [1] C.E. Shannon, “A mathematical theory of communication”, The BELL System Technical Journal 27, 379–423 and 623–656 (1948).
  • [2] IBM Knowledge Center, (last modified 2012) [Online]. Available: http://publib.boulder.ibm.com/infocenter/eserver/v1r2/index.jsp? topic=%2Fewlminfo%2Feicaawkldbalancing.htm [Accessed: 22-Feb-2020].
  • [3] B. Dowling and K. Paterson, “A cryptographic analysis of the wireguard protocol”, in ACNS, 2018.
  • [4] RSA Laboratories. PKCS 1 v2.1: RSA Cryptography Standard June 2002, (last modified 2012) [Online]. Available: ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2- 1.pdf [Accessed: 22-Feb-2020].
  • [5] Open source router and firewall platform, (last modified 2019) [Online]. Available: https://vyos.io [Accessed: 22-Feb-2020].
  • [6] “Standards for efficient cryptography.” Technical report, SEC 1: Elliptic Curve Cryptography, 2012.
  • [7] D. Mazur, A. Paszkiewicz, M. Bolanowski, G. Budzik, and M. Oleksy, “Analysis of possible sdn use in the rapid prototyping pro-cess as part of the industry 4.0”, Bull. Pol. Ac.: Tech., 67(1), 21‒30 (2019).
  • [8] Rewolucja w bezpiecznych połączeniach VPN z WireGuard, (last modified 2019) [Online]. Available: https://www.hostersi.pl/rewolucja-wbezpiecznychpolaczeniach-vpn-z-wireguard/ [Accessed: 22-Feb-2020].
  • [9] “Request for comments 791, protocol specification.” Technical report, Information Sciences Intitute, September 1981.
  • [10] SHA-3 project, (last modified 2019) [Online]. Available: https://csrc.nist.gov/projects/hash-functions/sha-3-project [Accessed: 22-Feb-2020].
  • [11] Kerberos FAQ, v2.0, (last modified 2000) [Online]. Available: http://www.faqs.org/faqs/kerberos-faq/general/ [Accessed: 22-Feb-2020].
  • [12] R. Rivest, “Request for comments: 1321, The MD5 messagedigest Algorithm”, Network Working Group, April 1992.
  • [13] C. Neuman, T. Yu, S. Hartman, and K. Raeburn. “The kerberos network authentication service (v5). Request for Comments: 4120”, Network Working Group, 2005.
  • [14] C. L. Schuba, M. G. Huhn, E. H. Spafford, and A. Sundaram. “Analysis of a denial of service attack on tcp.” Computer Science Technical Reports, 1327, 1996.
  • [15] R.K.C. Chang, “Defending against flooding-based distributed denial-of-service attacks: a tutorial”, IEEE Commun. Mag. 40, 42‒51 (2002).
  • [16] D. Moore, G.M. Voelker, and S. Savage. “Inferring internet denial-of-service activity”, ACM Trans. Comput. Sys. 24, 115–139 (2006).
  • [17]P. Pietkiewicz, K. Nalepa, W. Miąskowski, and M. Wilamowska-Korsak, “A system for monitoring and controlling a thermal energy store and an energy capture system”, Bull. Pol. Ac.: Tech., 66(6), 941‒946 (2018).
  • [18]VYATTA, (last modified 2008) [Online]. Available: http://www.vyatta.com [Accessed: 22-Feb-2020].
  • [19]M. Chiang and A.R. Calderbank. “Layering as optimization decomposition: A mathematical theory of network architectures”, Proceedings of the IEEE, 95, 255–312 (2007).
  • [20]J.K. Millen, “A resource allocation model for denial of service”, IEEE Computer Society Symposium, 137–147 (1992).
  • [21]S. Kent and K. Seo, “Request for comments: 4301, security architecture for the internet protocol.” NetworkWorking Group, December 2005.
  • [22]S. Kent, “Request for comments: 4302, ip authentication header.” Network Working Group, December 2005.
  • [23]GNU shishi, (last modified 2002) [Online]. Available: http://www.gnu.org/software/shishi/ [Accessed: 22-Feb-2020].
  • [24]M.A. Sirbu and J.C.I. Chuang, “Distributed authentication in kerberos using public key cryptography”, Network and Distributed System Security, 134–141 (1997).
  • [25] B.C. Neuman and T. Ts’o, ”Kerberos: an authentication service for computer networks”, IEEE Commun. Mag., 32, 33‒38 (1994).
  • [26] Heimdal kerberos and security software, (last modified 2008) [Online]. Available: http://www.h5l.org/ [Accessed: 22-Feb-2020].
  • [27] C. Meadows, “A formal framework and evaluation method for network denial of service”, IEEE Computer Security Foundations Workshop, 4–13 (1999).
  • [28] “Digital signature standards (dss).” Technical Report vol. 74, pp. 27287‒27288, National Institiute of Standards and Technology.
  • [29] Microsoft NTLM, (last modified 2012) [Online]. Available: http://msdn.microsoft.com/enus/ library/ windows/desktop/aa378749(v=vs.85).aspx [Accessed: 22-Feb-2020].
  • [30] J. Donenfeld, “Wireguard: Next generation kernel network tunnel”, in 24th Annual Network and Distributed System Security Symposium, (2017).
  • [31] K. Park and H. Lee, “On the effectiveness of probabilistic packet marking for ip traceback un-der denial of service attack”, Computer Science Technical Reports, (2007).
Uwagi
PL
Opracowanie rekordu ze środków MNiSW, umowa Nr 461252 w ramach programu "Społeczna odpowiedzialność nauki" - moduł: Popularyzacja nauki i promocja sportu (2020).
Typ dokumentu
Bibliografia
Identyfikator YADDA
bwmeta1.element.baztech-7cf3e8b1-f339-425d-a7ed-aaeb8f6f29fa
JavaScript jest wyłączony w Twojej przeglądarce internetowej. Włącz go, a następnie odśwież stronę, aby móc w pełni z niej korzystać.