I-D Action:draft-hong-nsis-pbs-nslp-02.txt

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

A New Internet-Draft is available from the on-line Internet-Drafts directories.

	Title           : PBS NSLP: Network Traffic Authorization
	Author(s)       : S. Hong, H. Schulzrinne
	Filename        : draft-hong-nsis-pbs-nslp-02.txt
	Pages           : 28
	Date            : 2008-11-03

This document describes the NSIS Signaling Layer protocol (NSLP) for
network traffic authorization on the Internet, the Permission-Based
Sending (PBS) NSLP.  This NSLP aims to prevent Denial-of-Service
(DoS) attacks and other forms of unauthorized traffic.  PBS NSLP is
based on the proactive approach of explicitly granting permissions
and the reactive approach of monitoring and reacting against the
attacks.  Signaling installs and maintains the permission state of
routers for a data flow.  PBS NSLP uses two security mechanisms:
message security in an end-to-end fashion and channel security in a
hop-by-hop fashion.  The message security is for protecting the
integrity of the message on end-to-end traffic and channel security
is for protecting the integrity and confidentiality between adjacent
nodes.  These security mechanisms enable the secure distribution of
shared keys, as well as protection of signaling messages.  To
authenticate data packets, the PBS NSLP requests a sender to use an
existing security protocol, the IPsec Authentication Header (AH).
This allows routers to drop bogus packets by using an IP packet
filter.  To avoid a compromised router that drops legitimate packets,
the PBS NSLP triggers the sender to change the data flow path.

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-hong-nsis-pbs-nslp-02.txt

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.
<ftp://ftp.ietf.org/internet-drafts/draft-hong-nsis-pbs-nslp-02.txt>
_______________________________________________

I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
[Index of Archives]     [IETF]     [IETF Discussion]     [Linux Kernel]

  Powered by Linux