Please use this identifier to cite or link to this item: http://localhost:8080/xmlui/handle/123456789/6685
Title: DESIGN AND IMPLEMENTATION OF A TRANSPARENT SECURE LAN
Authors: Faraj, Sufyan T.
Barjas, Firas R.
Keywords: LAN
security
encryption
authentication
transparent
NDIS intermediate driver
Issue Date: Dec-2006
Publisher: Journal of Engineering
Series/Report no.: 13;4
Abstract: Many attacks may be carried out against communications in Local Area Networks (LANs). However, these attacks can be prevented, or detected, by providing confidentiality, authentication, and data integrity security services to the exchanged data. This paper introduces a security system that protects a LAN from security attacks. On each host in the protected LAN, the security system transparently intercepts each outbound IP (Internet Protocol) packet, and inserts a crypto header between the packet IP header and payload. This header is used to detect any modification to the content of the packet in transit, and to detect replayed packets. Then, the system encrypts the IP packet payload and some fields of the inserted crypto header. On the other hand, the system transparently intercepts each inbound IP packet, decrypts its encrypted portions, and then uses its crypto header to authenticate the packet. If the packet is properly authenticated, the system indicates it to upper protocols. To be transparent to applications, the security system part that processes inbound and outbound IP packets was implemented as a NDIS (Network Driver Interface Specification) intermediate driver that resides between the LLC (Logical Link Control) and MAC (Medium Access Control) data link sublayers.
URI: http://localhost:8080/xmlui/handle/123456789/6685
Appears in Collections:قسم نظم المعلومات

Files in This Item:
File Description SizeFormat 
024ca3168d8cdf4f.pdf2.14 MBAdobe PDFView/Open


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.