A secured, automated, and dynamic end‐to‐end service level negotiation

Abstract

SUMMARYToday, the emerging new services like voice over IP and video on demand require some guarantees in terms of QoS. These services can be accessed using wireless technologies, such as Wi‐Fi or WiMAX (Worldwide Interoperability for Microwave Access). This may make the service delivery vulnerable to security attacks because of the open medium on which wireless technologies are based. Thus, in addition to QoS level, security level must also be guaranteed for the provided services. In this paper, we present the service level negotiation protocol, which ensures a dynamic negotiation of a service level covering both QoS and security. Moreover, the negotiation flow itself could be the target of some malicious attacks. Indeed, these attacks can aim to degrade the service level (QoS and / or security) or to make an entity, which is involved in a negotiation, unavailable, etc. Thus, the objective of this paper is to study the security of the flow corresponding to the negotiation provided by service level negotiation protocol. In fact, the security required by this flow will be provided through the use of three different mechanisms: Web services security, secure sockets layer, and IP security protocol. Because these security mechanisms may have an impact on the negotiation protocol performances, we will also evaluate this impact to adopt the security solution that allows minimizing it. Copyright © 2012 John Wiley & Sons, Ltd.