Design and Validation of Automated Authentication, Key and Adjacency Management for Routing Protocols

Bangalore Somanatha, Revathi (2012) Design and Validation of Automated Authentication, Key and Adjacency Management for Routing Protocols. Masters thesis, Concordia University.

PDF - Accepted Version (3531Kb)
Available under License Spectrum Terms of Access.

Abstract

To build secure network-based systems, it is important to ensure the authenticity and integrity of the inter-router control message exchanges. Authenticating neighbors and ensuring their legitimacy is essential. Otherwise, the routes installed could be erroneous or targeted at causing an attack on the system.

Current methods, which are based on manual keying, are error prone, not scalable, and result in keys being changed infrequently (or not at all) due to lack of authorized personnel. These issues can be addressed only by having an automated key management system that can automatically generate, distribute and update keys.

The issue can be cast as a group key management problem with a 'keying group' defined as the set of all routers that share the same key. A keying group can be as large as an entire administrative domain, or as small as a pair of peer routers. The smaller the scope of the key, the less damaging the loss of a single key is likely to be.

In this thesis, we propose an automated key management system that will be able to handle different categories of keying groups and also ensure important properties such as adjacency management, protection against replay attacks, confidentiality of messages, smooth key rollover, and robustness across reboots. Although there is some ongoing work with regard to developing automated key management systems, none of the existing methods handles all these cases. We have formally validated the designed protocol for essential security properties such as authentication, confidentiality, integrity and replay protection, using a formal validation tool called AVISPA.

Divisions: Concordia University > Faculty of Engineering and Computer Science > Computer Science and Software Engineering
Item Type: Thesis (Masters)
Authors: Bangalore Somanatha, Revathi
Institution: Concordia University
Degree Name: M. Comp. Sc.
Program: Computer Science
Date: August 2012
Thesis Supervisor(s): Atwood, John William
ID Code: 974544
Deposited By: REVATHI BANGALORE SOMANATHA
Deposited On: 30 Oct 2012 11:45
Last Modified: 15 Nov 2012 16:20
All items in Spectrum are protected by copyright, with all rights reserved. The use of items is governed by Spectrum's terms of access.
