short-paper

A mobile IP based WLAN security management framework with reconfigurable hardware acceleration

Authors:

Soumya Maity,

Padmalochan Bera,

Soumya Kanti GhoshAuthors Info & Claims

SIN '10: Proceedings of the 3rd international conference on Security of information and networks

Pages 218 - 223

https://doi.org/10.1145/1854099.1854143

Published: 07 September 2010 Publication History

Get Access

Abstract

The increasing use of wireless technologies in enterprise networks demands strong security management and policy enforcement mechanisms. The conventional security management frameworks used in wired LAN do not suit in wireless domain due to dynamic topology and mobility of hosts. The enforcement of organizational security policies in wireless LAN requires appropriate access control models as well as correct distribution of access control rules in the network access points. In this paper, we propose a WLAN security management framework supported by a spatio-temporal RBAC (STRBAC) model. The concept of mobile IP has been used to ensure a fixed layer 3 address of a mobile host. Each wireless policy zone consists of a Policy Zone Controller that coordinates with a dedicated Local Role Server to extract the low level access configurations corresponding to the zone access routers. The system can be mapped into a reconfigurable hardware to exploit the parallelism in computing. We also propose a formal STRBAC model to represent the global security policies formally and a SAT based decision procedure to verify the access configurations

References

[1]

C. Basile, A. Lioy, G. M. Prez, F. J. G. Clemente, and A. F. G. Skarmeta. POSITIF: a policy-based security management system, In 8th IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY07), pp.280--280, Bologna, Italy, June 2007.

Digital Library

Google Scholar

[2]

G. Lapiotis, B. Kim, S. Das, and F. Anjum. A Policy-based Approach to Wireless LAN Security Management, In International Workshop on Security and Privacy for Emerging Areas in Communication Networks, pp.181--189, Athens, Greece, September 2005.

Crossref

Google Scholar

[3]

J. Burns, A. Cheng, P. Gurung, S. Rajagopalan, P. Rao, D. Rosenbluth, and D. Martin. Automatic Mnagement of Network Security Policy, Proceedings of the 2nd DARPA Information Survivability Conference and Exposition (DISCEX II) pp.12--26, Anaheim, California, June 2001.

Crossref

Google Scholar

[4]

A. Westrinen, J. Schnizlein, J. Strassner, M. Scherling, B. Quinn, S. Herzog, M. Carlson, J. Perry and S. Wldbusser. RFC 3198: Terminology for Policy-Based Management, Internet Society, pp.1--21, November 2001.

Digital Library

Google Scholar

[5]

D. F. Ferraiolo, R. Sandhu, S. Gavrila, D. R. Kuhn, and R. Chandramouli. Proposed NIST standard for Role-Based Access Control, ACM Trnsactions on Information and Systems Security, vol.4(3), August 2001.

Digital Library

Google Scholar

[6]

E. Bertino, B. Catania, M. L. Damiani, and P. Perlasca. GEO-RBAC: a spatially aware RBAC, In Proceedings of the tenth ACM symposium on Access control models and technologies, pp.29--37, NY, USA, 2005.

Digital Library

Google Scholar

[7]

I. Ray and M. Toahchoodee. A Spatio-Temporal Role-Based Access Control Model, In DBSec 2007, Data and Application Security, Lecture Notes in Computer Science, vol.4602, pp.211--226, 2007.

Digital Library

Google Scholar

[8]

E. Tomur and Y. M. Erten. Application of Temporal and Spatial role based access control in 802.11 wireless networks, Journal of Computers & Security, vol.25, issue 6, pp.452--458, September 2006.

Digital Library

Google Scholar

[9]

R. Laborde, B. Nasser, F. Grasset, F. Barrere, and A. Benzekri. A Formal Approach for the Evaluation of Network Security Mechanisms Based on RBAC policies, Electronic Notes in Theoritical Computer Science, vol.121, pp.117--142, February 2005.

Digital Library

Google Scholar

[10]

Y. S. Mahajan, Z. Fu, and S. Malik. Zchaff 2004: An efficient SAT solver, In Proceedings of 8th International Conference on Theory and Application of Satisfiability Testing, LNCS 3542, pp.360--375, Scotland, June 2005.

Digital Library

Google Scholar

[11]

Bhagyavati, W. C. Summers and A. Dejoie. Wireless security techniques: an overview, In Proceedings of 1st International Conference on Information Security curriculum development (InfoSecCD04), pp.82--87, ACM Press, Georgia, NY, 2004.

Digital Library

Google Scholar

[12]

N. Smyth, M. McLoone, J. V. McCanny. Reconfigurable hardware acceleration of WLAN security, IEEE Workshop on Signal Processing Systems, pp.194--199, October 2004.

Google Scholar

[13]

RFC4721, Internet Engineering Task Force, 2007.

Google Scholar

[14]

P. Bera, S. K. Ghosh and Pallab Dasgupta. A Spatio-Temporal Role-Based Access Control Model for Wireless LAN Security Policy Management, 4th International Conference on Information Systems,Technology and Management (ICISTM 2010), LNCS Springer Berlin, vol.54, pp.76--88 Bangkok, Thailand, March 2010.

Google Scholar

Cited By

View all

Maity SGhosh SAl-Shaer E(2015)PoliConSecurity and Communication Networks10.1002/sec.9908:3(418-430)Online publication date: 1-Feb-2015
https://dl.acm.org/doi/10.1002/sec.990
Maity SGhosh S(2014)Conflict Resolution in Heterogeneous Co-allied MANETProceedings of the 15th International Conference on Distributed Computing and Networking - Volume 831410.1007/978-3-642-45249-9_22(332-346)Online publication date: 4-Jan-2014
https://dl.acm.org/doi/10.1007/978-3-642-45249-9_22
Maity SGhosh SGaur MElçi AMakarevich OOrgun MSingh V(2012)Enforcement of access control policy for mobile ad hoc networksProceedings of the Fifth International Conference on Security of Information and Networks10.1145/2388576.2388582(47-52)Online publication date: 25-Oct-2012
https://dl.acm.org/doi/10.1145/2388576.2388582

Index Terms

A mobile IP based WLAN security management framework with reconfigurable hardware acceleration
1. Networks
  1. Network types
    1. Mobile networks
    2. Wireless access networks

Recommendations

SP 800-127. Guide to Securing WiMAX Wireless Communications
Mobility management for all-IP mobile networks: mobile IPv6 vs. proxy mobile IPv6

Recently, a network-based mobility management protocol called Proxy Mobile IPv6 (PMIPv6) is being actively standardized by the IETF NETLMM working group, and is starting to attract considerable attention among the telecommunication and Internet ...
Security policy compliance with violation management
FMSE '07: Proceedings of the 2007 ACM workshop on Formal methods in security engineering

A security policy of an information system is a set of security requirements that correspond to permissions, prohibitions and obligations to execute some actions when some contextual conditions are satisfied. Traditional approaches consider that the ...

Comments

Information & Contributors

Information

Published In

SIN '10: Proceedings of the 3rd international conference on Security of information and networks

September 2010

286 pages

ISBN:9781450302340

DOI:10.1145/1854099

General Chairs:
Oleg Makarevich
Southern Federal University, Russia
,
Atilla Elçi
Toros University, Turkey
,
Mehmet Orgun
Macquarie University, Australia
,
Sorin A. Huss
Technische Universität Darmstadt, Germany
,
Program Chairs:
Ludmila Babenko
Southern Federal University, Russia
,
Alexander Chefranov
Eastern Mediterranean University, North Cyprus
,
Vijay Varadharajan
Macquarie University, Australia

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

In-Cooperation

SIGSAC: ACM Special Interest Group on Security, Audit, and Control
Macquarie U., Austarlia
Darmstadt U., Germany
TBD, North Cyprus
TIT, South. Fed. U., Russia
Taganrog Institute of Technologies

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 07 September 2010

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Short-paper

Conference

SIN '10

Sponsor:

Microsoft
RFBR

SIN '10: 3rd International Conference of Security of Information and Networks

September 7 - 11, 2010

Rostov-on-Don, Taganrog, Russian Federation

Acceptance Rates

Overall Acceptance Rate 102 of 289 submissions, 35%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

3
Total Citations
View Citations
278
Total Downloads

Downloads (Last 12 months)1
Downloads (Last 6 weeks)0

Reflects downloads up to 25 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Maity SGhosh SAl-Shaer E(2015)PoliConSecurity and Communication Networks10.1002/sec.9908:3(418-430)Online publication date: 1-Feb-2015
https://dl.acm.org/doi/10.1002/sec.990
Maity SGhosh S(2014)Conflict Resolution in Heterogeneous Co-allied MANETProceedings of the 15th International Conference on Distributed Computing and Networking - Volume 831410.1007/978-3-642-45249-9_22(332-346)Online publication date: 4-Jan-2014
https://dl.acm.org/doi/10.1007/978-3-642-45249-9_22
Maity SGhosh SGaur MElçi AMakarevich OOrgun MSingh V(2012)Enforcement of access control policy for mobile ad hoc networksProceedings of the Fifth International Conference on Security of Information and Networks10.1145/2388576.2388582(47-52)Online publication date: 25-Oct-2012
https://dl.acm.org/doi/10.1145/2388576.2388582

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Abstract

References

Cited By

Index Terms

Recommendations

SP 800-127. Guide to Securing WiMAX Wireless Communications

Mobility management for all-IP mobile networks: mobile IPv6 vs. proxy mobile IPv6

Security policy compliance with violation management

Comments

Information

Published In

Sponsors

In-Cooperation

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Login options

Full Access

View options

PDF

eReader

Share

Share this Publication link

Share on social media

Affiliations