Abstract
Ensuring end-to-end Quality of Service for traffic that traverse multiple Autonomous Systems (AS) is today a major challenge for ISPs. the QoS requirement became inevitable with the evolution of the amount of traffic flowing over the Internet, and also of the important diversity of these traffic types. Each type of traffic requires a specific QoS parameters. To respond to this need, we proposed in a previous work a new mechanism which is mainly based on Class Manager server set in each AS and can provide the same traffic QoS guarantees even during the passage through several ASs. These Class Manager Servers collect information concerning quality of service set up within the AS, and then they exchange them. This exchange may present a serious security weakness of all the architecture, and it can be an important vulnerability of the whole network. In this paper, we discuss the main security issues of the proposed mechanism, concerning the communication between the CM server and the internal routers and also the exchange between the CM Servers. We give an architecture to avoid vulnerablity during the exchange of information.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Bakkali, S., Benaboud, H., Ben Mamoun, M.: On Ensuring End-to-End Quality of Service in Inter-Domain Environment. In: Gramoli, V., Guerraoui, R. (eds.) NETYS 2013. LNCS, vol. 7853, pp. 326–330. Springer, Heidelberg (2013)
Bakkali, S., Benaboud, H., Ben Mamoun, M.: Management of Inter-domain Quality of Service Using DiffServ Model in Intra-domain. In: Swiątek, J., Grzech, A., Swiątek, P., Tomczak, J.M. (eds.) Advances in Systems Science. AISC, vol. 240, pp. 727–736. Springer, Heidelberg (2014)
Braden, R., Clark, D., Shenker, S. : Integrated Services in the Internet Architecture: an Overview. IETF Informational, RFC 1633 (1994)
Blake,S., Black,D., Carlson,M., Davies,E., Wang,Z., Weiss,W.: An Architecture for Differentiated Services. IETF Informational, RFC 2475 (1998).
Rosen, E., Viswanathan, A., Callon, R.: Multiprotocol Label Switching Architecture. IETF Standards Track, RFC 3031 (2001).
Bourasa, C., Sevasti, A.: Service level agreements for DiffServ-based services’ provisioning. Journal of Network and Computer Applications 28(4), 285–302 (2005)
Van Mieghem, P., Kuipers, F.A.: Concepts of exact QoS routing algorithms. IEEE/ACM Transaction on Networking 12(5), 851–864 (2004)
Korkmaz, T., Krunz, M.: Multi-constrained optimal path selection. In: INFOCOM 2001 Twentieth Annual Joint Conference of the IEEE Computer and Communications Societies, pp. 834–843 (2001)
Rekhter, Y., Li, T., Hares, S.: A Border Gateway Protocol 4 (BGP-4). IETF Standards Track, RFC 4271 (2006)
L. Xiao, Lui, K.-S., Wang, J., Nahrstedt, K.: QoS extension to BGP. In: Proceedings of the 10th IEEE International Conference on Network Protocols, pp. 100–109 (2002)
Farrel, A., Vasseur, J.-P., Ayyangar, A. : A Framework for Inter-Domain Multiprotocol Label Switching Traffic Engineering.IETF Informational, RFC 4726 (2006).
Howartha, P., Boucadairb, M., Flegkasa, P., Wanga, N., Pavloua, G., Morandb, P., Coadicb, T., Griffinc, D., Asgarid, A., Georgatsosen, P.: End-to-end quality of service provisioning through inter-provider traffic engineering. Computer Communications 29, 683–702 (2006)
Misseri, X., Rougier, J.-L., Moretti, S.: Auction-type framework for selling inter-domain paths. In: Proceedings of The International Conference on Network and Service Management (CNSM), pp. 284–291 (2013)
Sprintson, A., Yannuzzi, M., Orda, A., Masip-Bruin, X.: Reliable Routing with QoS Guarantees for Multi-Domain IP/MPLS Networks. In: 26th IEEE International Conference on Computer Communications IEEE INFOCOM 2007, pp. 1820–1828 (2007)
Frikha, A., Lahoud, S., Cousin, B.: A Hybrid End-to-End QoS Path Computation Algorithm for PCE-Based Multi-Domain Networks. Journal of Network and Systems Management, 1–27 (2013)
Djarallah, N.B., Pouyllau, H., Lahoud, S., Cousin, B.: Multi-constrained path computation for inter-domain QoS-capable services. International Journal of Communication Networks and Distributed Systems 12(4), 420–441 (2014)
Metz, C.: AAA protocols: authentication, authorization, and accounting for the Internet. IEEE Internet Computing 3(6), 75–79 (1999)
Neuman, B.C.: Kerberos: an authentication service for computer networks. IEEE Communications Magazine 32(9), 33–38 (1994)
Dierks, T., Allen, C.: The TLS Protocol. RFC 2246, IETF Network Working Group (January 1999)
Haller, N., Metz, C., Nesser, P., Straw, M.: A One-Time Password System. RFC 2289, Internet Standard (February 1998)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Benaboud, H., Bakkali, S., Randriamampionona, J.J. (2015). Security Issues on Inter-Domain Routing with QoS-CMS Mechanism. In: El Hajji, S., Nitaj, A., Carlet, C., Souidi, E. (eds) Codes, Cryptology, and Information Security. C2SI 2015. Lecture Notes in Computer Science(), vol 9084. Springer, Cham. https://doi.org/10.1007/978-3-319-18681-8_23
Download citation
DOI: https://doi.org/10.1007/978-3-319-18681-8_23
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-18680-1
Online ISBN: 978-3-319-18681-8
eBook Packages: Computer ScienceComputer Science (R0)