|
|
|
ATM Networks and Security
by Dr. Eva Bozoki - May 30, 2000
6. Placement of the User Plane Security Services
In considering the placement of user plane security services, it is
important to evaluate the impact of the different locations. Placing
the services in or below the ATM layer would require the encryption
of the whole cell (header and payload), thereby degrading the switch
performance. This would also expose the payload because the switches
would have to decrypt and encrypt the cell. The complexity of key management
also would be increased because the switches would require encryption/decryption
keys. In addition, if the security services were placed in the physical
layer, they would have to operate at ATM line speed (in order to deal
with invalid and idle cells in addition to the valid cells).
By placing the user plane security services in the AAL layer, the lower-level
headers would be transmitted in the clear; therefore, this solution
does not provide flow confidentiality. In addition, because AAL is usually
implemented as a single unit, no interfaces exist where the security
services could be incorporated.
Placing the user plane security services above the AAL layer, the security
services would have to be adopted for each higher layer (above AAL),
thus multiplying the implementation effort.
This leaves the only suitable solution: The security services must
be situated between the AAL and the ATM layers.
|
|
 |
|
|
Breaking News
|
|
One of the primary architects of OpenCable, Michael
Adams, explains the key concepts of this initiative in his book
OpenCable Architecture.
|
|
|
|
|
Just Published
|
|
 Residential
Broadband, Second Edition
by George Abe
Introduces the topics surrounding high-speed networks
to the home. It is written for anyone seeking a broad-based familiarity
with the issues of residential broadband (RBB) including product
developers, engineers, network designers, business people, professionals
in legal and regulatory positions, and industry analysts.
|
|
|
|
|
