Abstract

In this paper, we propose a novel Secure Name Service (SNS) framework for enhancing service availability between collaborative domains (e.g., extranets). The key idea is to enforce packet authentication through resource virtualization and to use dynamic name binding to protect servers from unauthorized access, denial-of-service (DoS) and other attacks. Unlike traditional static network security schemes such as VPNs, the dynamic name binding of SNS allows us to actively protect critical resources through distributed filtering mechanisms built into the collaborative domains. We present the architecture of the SNS framework, the design of the SNS naming scheme, and the design of authenticated packet forwarding. We have implemented a prototype of the authenticated packet forwarding mechanism on Linux platforms. Our experimental results demonstrate that regular Linux platforms are sufficient to support SNS authenticated packet forwarding for 100 Mbps and 1 Gbps Ethernet LANs. To further improve performance and scalability, we have also designed and implemented unique two-layer fast name lookup schemes.
