防止盗窃开放平台的服务质量

Workshop of the 1st International Conference on Security and Privacy for Emerging Areas in Communication Networks, 2005. Pub Date : 2005-09-05 DOI:10.1109/SECCMW.2005.1588319

Kwang-Hyun Baek, Sean W. Smith

{"title":"防止盗窃开放平台的服务质量","authors":"Kwang-Hyun Baek, Sean W. Smith","doi":"10.1109/SECCMW.2005.1588319","DOIUrl":null,"url":null,"abstract":"As multiple types of traffic converge onto one network, frequently wireless, enterprises face a tradeoff between effectiveness and security. Some types of traffic, such as voice-over-IP (VoIP), require certain quality of service (QoS) guarantees to be effective. The end client platform is in the best position to know which packets deserve this special handling. In many environments (such as universities), end users relish having control over their own machines. However, if end users administer their own machines, nothing stops dishonest ones from marking undeserving traffic for high QoS. How can an enterprise ensure that only appropriate traffic receives high QoS, while also allowing end users to retain control over their own machines? In this paper, we present the design and prototype of a solution, using SELinux, TCPA/TCG hardware, Diffserv, 802.1x, and EAP-TLS.","PeriodicalId":382662,"journal":{"name":"Workshop of the 1st International Conference on Security and Privacy for Emerging Areas in Communication Networks, 2005.","volume":"4 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2005-09-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"15","resultStr":"{\"title\":\"Preventing theft of quality of service on open platforms\",\"authors\":\"Kwang-Hyun Baek, Sean W. Smith\",\"doi\":\"10.1109/SECCMW.2005.1588319\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"As multiple types of traffic converge onto one network, frequently wireless, enterprises face a tradeoff between effectiveness and security. Some types of traffic, such as voice-over-IP (VoIP), require certain quality of service (QoS) guarantees to be effective. The end client platform is in the best position to know which packets deserve this special handling. In many environments (such as universities), end users relish having control over their own machines. However, if end users administer their own machines, nothing stops dishonest ones from marking undeserving traffic for high QoS. How can an enterprise ensure that only appropriate traffic receives high QoS, while also allowing end users to retain control over their own machines? In this paper, we present the design and prototype of a solution, using SELinux, TCPA/TCG hardware, Diffserv, 802.1x, and EAP-TLS.\",\"PeriodicalId\":382662,\"journal\":{\"name\":\"Workshop of the 1st International Conference on Security and Privacy for Emerging Areas in Communication Networks, 2005.\",\"volume\":\"4 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2005-09-05\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"15\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Workshop of the 1st International Conference on Security and Privacy for Emerging Areas in Communication Networks, 2005.\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SECCMW.2005.1588319\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Workshop of the 1st International Conference on Security and Privacy for Emerging Areas in Communication Networks, 2005.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SECCMW.2005.1588319","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 15

摘要

随着多种类型的流量汇聚到一个网络(通常是无线网络)，企业面临着有效性和安全性之间的权衡。某些类型的流量，如ip语音(VoIP)，需要一定的服务质量(QoS)保证才能有效。终端客户端平台是知道哪些数据包值得这种特殊处理的最佳位置。在许多环境中(如大学)，最终用户喜欢控制自己的机器。然而，如果最终用户管理他们自己的机器，没有什么可以阻止不诚实的人将不值得的流量标记为高QoS。企业如何确保只有适当的流量才能获得高QoS，同时还允许最终用户保留对自己机器的控制?在本文中，我们提出了一个解决方案的设计和原型，使用SELinux, TCPA/TCG硬件，Diffserv, 802.1x和EAP-TLS。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

Preventing theft of quality of service on open platforms

As multiple types of traffic converge onto one network, frequently wireless, enterprises face a tradeoff between effectiveness and security. Some types of traffic, such as voice-over-IP (VoIP), require certain quality of service (QoS) guarantees to be effective. The end client platform is in the best position to know which packets deserve this special handling. In many environments (such as universities), end users relish having control over their own machines. However, if end users administer their own machines, nothing stops dishonest ones from marking undeserving traffic for high QoS. How can an enterprise ensure that only appropriate traffic receives high QoS, while also allowing end users to retain control over their own machines? In this paper, we present the design and prototype of a solution, using SELinux, TCPA/TCG hardware, Diffserv, 802.1x, and EAP-TLS.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Workshop of the 1st International Conference on Security and Privacy for Emerging Areas in Communication Networks, 2005.

自引率

0.00%

发文量

期刊最新文献

Cyberprofiling: offender profiling and geographic profiling of crime on the Internet Sharing network logs for computer forensics: a new tool for the anonymization of netflow records Full agreement in BAN kerberos Privacy in distributed reputation management A policy-based approach to wireless LAN security management