Service Cloaking and Authentication at Data Link Layer

Service Cloaking and Authentication at Data Link Layer

This paper discusses that there is significant benefit in providing stronger security at lower layers of the network stack for hosts connected to a network. It claims to reduce the attack vulnerability of a networked host by providing security mechanisms in a programmable Network Interface Card (NIC...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:arXiv.org 2008-04
1. Verfasser: Arun Kumar S P
Format: Artikel
Sprache:eng
Schlagworte:
Access control
Authentication
Data links
Interface cards
Security
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:This paper discusses that there is significant benefit in providing stronger security at lower layers of the network stack for hosts connected to a network. It claims to reduce the attack vulnerability of a networked host by providing security mechanisms in a programmable Network Interface Card (NIC). Dynamic access control mechanisms are implemented in hardware to restrict access to the services provided, only to authenticated hosts. This reduces server vulnerability to various layer 2 attacks. Also the services will be immune to zero-day vulnerabilities due to the minimal code execution paths. To this end, it presents architecture and implementation details of a programmable network interface card equipped with these measures. It works alongside, and augments, existing security protocols making deployment practical.
ISSN:2331-8422