Cisco Knowledge Suite, Cisco Systems, Cisco Press
   

   

ATM Networks and Security

by Dr. Eva Bozoki - May 30, 2000

7. Secure Call Setup Protocol

The control plane security service is a two-way mutual authentication protocol between the end points of an ATM connection. Each signaling message carries a set of information units, called information elements (IEs), regarding the message, the connection, and the calling parties. A new class, the security-services-related IEs (SSIE), has been added to the existing list. The SSIE contains (a) certificate IEs with the identity and certificate of the user, and (b) authentication IEs with parameters used in the confidentiality and integrity services, and access control information. The following is an example of how SSIEs can be defined (a more rigorous definition can be found in [ATMSEC99]):


Certificate IE:

  - Communicating party's ID
  - Certificate ID

Authentication IE:

  - SSIE-ID
  - Security quality of service (QoS) parameters
  - Confidentiality parameters
  - Integrity parameters
  - Access control parameters
  - Digital signature (calculated over the IE or over the signaling message)

Whenever possible, the control plane security service should be incorporated into the only two signaling messages that are carried transparently through the network (end-to-end), the SETUP and CONNECT signals. However, sometimes more than two messages or longer messages are needed, in which case the security service is completed or wholly performed within the user plane virtual circuit (after the connection is established, but before data transfer).
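
The following added example (not from the original article or from [ATMSEC99]) sketches the two-message SETUP/CONNECT exchange using the IE fields listed above, with each end point verifying the other's SSIE. Assumptions: the field names, the CERTS registry, and the sample parameter values are constructed for illustration, and HMAC-SHA256 with a per-certificate key stands in for the digital signature.

```python
import hashlib
import hmac
import json

# Constructed registry: certificate ID -> (owner ID, key). ASSUMPTION: an HMAC
# key stands in for the public key a real certificate would carry.
CERTS = {"cert-A": ("A", b"demo-key-calling"), "cert-B": ("B", b"demo-key-called")}


def _sign(cert_ie, auth_ie):
    """HMAC over a canonical encoding of both IEs, minus the signature field."""
    unsigned = {k: v for k, v in auth_ie.items() if k != "signature"}
    data = json.dumps([cert_ie, unsigned], sort_keys=True).encode()
    key = CERTS[cert_ie["certificate_id"]][1]
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def build_ssie(party_id, cert_id, ssie_id, params):
    """Assemble the certificate IE and authentication IE, then sign them."""
    cert_ie = {"party_id": party_id, "certificate_id": cert_id}
    auth_ie = {"ssie_id": ssie_id, **params}
    auth_ie["signature"] = _sign(cert_ie, auth_ie)
    return {"certificate_ie": cert_ie, "authentication_ie": auth_ie}


def verify_ssie(ssie, expected_party):
    """Accept only if the certificate belongs to the expected peer and the
    signature over the received IEs checks out."""
    cert_ie, auth_ie = ssie["certificate_ie"], ssie["authentication_ie"]
    owner = CERTS.get(cert_ie["certificate_id"], (None, b""))[0]
    if owner is None or owner != cert_ie["party_id"] or owner != expected_party:
        return False
    return hmac.compare_digest(_sign(cert_ie, auth_ie), auth_ie.get("signature", ""))


def mutual_authentication(alter_in_transit=False):
    """Run the SETUP/CONNECT exchange; return (called_ok, calling_ok)."""
    params = {"security_qos": "high", "confidentiality": "enc-alg-1",
              "integrity": "mac-alg-1", "access_control": "label-7"}
    setup = {"type": "SETUP", "ssie": build_ssie("A", "cert-A", 1, params)}
    if alter_in_transit:  # a signed parameter is changed between the end points
        setup["ssie"]["authentication_ie"]["confidentiality"] = "none"
    called_ok = verify_ssie(setup["ssie"], expected_party="A")
    if not called_ok:
        return (False, False)  # called party rejects; no CONNECT is sent
    connect = {"type": "CONNECT", "ssie": build_ssie("B", "cert-B", 2, params)}
    calling_ok = verify_ssie(connect["ssie"], expected_party="B")
    return (called_ok, calling_ok)
```

The sketch signs only the fields listed above; it has no nonce or timestamp, so it does not show replay protection.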

 
