Abstract

Legacy IP address-based access control faces many challenges, because network nodes cannot be identified accurately by their variable IP addresses. “Locator/Identifier Split” has made it possible to build a network access control mechanism based on the permanent identifier. With the support of the “Locator/Identifier Split” routing and addressing concept, Identifier-based Access Control (IBAC) makes network access control more accurate and efficient, and suits access control for mobile nodes well. Moreover, the Self-verifying Identifier makes it possible for the receiver to verify the packet sender’s identity without third-party authentication, which greatly reduces the probability of “Identifier Spoofing”.

Highlights

  • In the current TCP/IP architecture, the IP address has dual semantic functions: it indicates both the network node’s routing locator and its endpoint identifier [1]

  • “Locator/Identifier Split” has made it possible to build a network access control mechanism based on the permanent identifier

  • We propose LISA Network Access Control (LISA-NAC), a new network access control mechanism based on the Locator Identifier Separation Architecture (LISA) [4]


Summary

Introduction

In the current TCP/IP architecture, the IP address has dual semantic functions: it indicates both the network node’s routing locator and its endpoint identifier [1]. IP address-based access control limits resource access when a node changes its location. “IP Overload” makes IP address-based access control even more complex, and greatly affects its defense efficiency: 1) Because the IP address is a variable label, it can’t be used as an accurate identifier of the nodes. We propose LISA Network Access Control (LISA-NAC), a new network access control mechanism based on the Locator Identifier Separation Architecture (LISA) [4]. The main contributions of LISA-NAC are the Identifier Based Access Control (IBAC) model and the Self-Verifying Identifier, which will make network access control more efficient. When the encapsulated packet arrives at the destination (the LISA Router), the LISA Router decapsulates the packet and forwards the original packet to the destination host according to the Identifier.
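The difference between the two access control models under mobility, as an added example that is not code from the paper: a destination router applies either an IP-keyed rule or an identifier-keyed (IBAC) rule to the same three packets. The packet layout, the `id:` identifier strings, the addresses and the port name are all constructed assumptions, not LISA's actual formats.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Encapsulated:
    outer_src: str   # locator: routable address of the sender's current attachment point
    inner_src: str   # sender's permanent identifier (assumed format)
    inner_dst: str   # destination host's identifier
    payload: bytes

# Constructed policy: the same intent ("allow alice") written both ways.
IP_ACL = {"192.0.2.10"}          # legacy rule keyed on alice's address at home
ID_ACL = {"id:alice"}            # IBAC rule keyed on alice's identifier
HOSTS = {"id:server": "port-3"}  # identifier -> attachment behind this router

def ip_acl_permits(pkt: Encapsulated) -> bool:
    return pkt.outer_src in IP_ACL

def ibac_permits(pkt: Encapsulated) -> bool:
    # This sketch takes inner_src as given; the Self-Verifying Identifier
    # is what the page relies on to let the receiver check it.
    return pkt.inner_src in ID_ACL

def router_receive(pkt: Encapsulated, check):
    """Decapsulate at the destination router; forward by identifier if permitted."""
    if not check(pkt):
        return None
    port = HOSTS.get(pkt.inner_dst)
    return (port, pkt.payload) if port else None

def scenarios() -> dict:
    packets = {
        # alice at her original location
        "home": Encapsulated("192.0.2.10", "id:alice", "id:server", b"GET /"),
        # alice after moving: new locator, same identifier
        "moved": Encapsulated("198.51.100.7", "id:alice", "id:server", b"GET /"),
        # a different node that was later assigned alice's old address
        "reused": Encapsulated("192.0.2.10", "id:bob", "id:server", b"GET /"),
    }
    return {name: (router_receive(p, ip_acl_permits) is not None,
                   router_receive(p, ibac_permits) is not None)
            for name, p in packets.items()}

if __name__ == "__main__":
    for name, (ip_ok, id_ok) in scenarios().items():
        print(f"{name:7} ip_acl={ip_ok!s:5} ibac={id_ok}")
```

The IP-keyed rule drops the moved node and admits whichever node inherits the old address, while the identifier-keyed rule gives the intended result in all three cases.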

LISA-NAC
IBAC Model
Self-Verifying Identifier
Future Work
Conclusions
