{"title":"EESP: A Security protocol that supports QoS management","authors":"M. Mostafa, A. A. E. Kalam, C. Fraboul","doi":"10.1109/CRISIS.2008.4757476","DOIUrl":null,"url":null,"abstract":"In order to effectively manage network resources and to serve different traffic needs, several works have been done in the QoS area. Basically, ldquomulti-field (MF) packet classifiersrdquo classify a packet by looking for multiple fields of the IP/TCP headers, recognize which flow the packet belongs to, and according to this information, provide service differentiation in IP networks. However, for security purposes, existing security protocols (such as the IPSec Encapsulating Security Payload (ESP) algorithm) hides much of this information in their encrypted payloads, preventing network control devices such as routers and switches from utilizing this information in performing classification appropriately. The ESPQ (ESP considered QoS) protocol deals with this problem but unfortunately, it has some security weaknesses. In this paper we present the ESPQ vulnerabilities and we propose EESP (Enhanced encapsulated security payload) as a security protocol that provides both security and QoS.","PeriodicalId":346123,"journal":{"name":"2008 Third International Conference on Risks and Security of Internet and Systems","volume":"3 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2008-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2008 Third International Conference on Risks and Security of Internet and Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CRISIS.2008.4757476","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1
Abstract
In order to effectively manage network resources and to serve different traffic needs, several works have been done in the QoS area. Basically, ldquomulti-field (MF) packet classifiersrdquo classify a packet by looking for multiple fields of the IP/TCP headers, recognize which flow the packet belongs to, and according to this information, provide service differentiation in IP networks. However, for security purposes, existing security protocols (such as the IPSec Encapsulating Security Payload (ESP) algorithm) hides much of this information in their encrypted payloads, preventing network control devices such as routers and switches from utilizing this information in performing classification appropriately. The ESPQ (ESP considered QoS) protocol deals with this problem but unfortunately, it has some security weaknesses. In this paper we present the ESPQ vulnerabilities and we propose EESP (Enhanced encapsulated security payload) as a security protocol that provides both security and QoS.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
