ESMP: a multicast security protocol for a Future Internet architecture

Bibliographic details
Year of defense: 2019
Main author: Melo, Juliano Coelho Gonçalves de
Advisor: Not provided by the institution
Examination committee: Not provided by the institution
Document type: Master's dissertation
Access type: Open access
Language: por
Institution of defense: Universidade Federal de Uberlândia
Brazil
Programa de Pós-graduação em Ciência da Computação
Graduate program: Not provided by the institution
Department: Not provided by the institution
Country: Not provided by the institution
Keywords in Portuguese:
Access link: https://repositorio.ufu.br/handle/123456789/24488
http://dx.doi.org/10.14393/ufu.di.2019.342
Abstract: The Internet has shown itself incapable of responding to the new requirements (QoS, mobility, multicasting, security, etc.) demanded by the emergence of new applications, devices, and services in the global computer network. These limitations have led researchers around the world to think of new network architectures. These architectures are called Future Internet Architectures, and their primary function is to meet the demands of current and future applications. Brazil has some initiatives, and one of them is the Entity Title Architecture (ETArch). Among its main objectives are the ability to support multicast communication intrinsically and to bring its layers semantically closer together, so that the intermediary layers consider the requirements of the communicating entities (applications, sensors, etc.) when establishing communication. Among these deficiencies, security is a prerequisite for the deployment of any architecture. On the other hand, multicasting is essential to the proliferation of digital media applications, multiplayer games, etc. The motivation for this work is to address these two requirements simultaneously. The goal is to build a specification for a multicast security protocol (ESMP) that transforms a multicast communication environment into a trusted network, where entities can trust one another to communicate securely. This goal involves the creation of various security services/mechanisms, such as confidentiality, integrity, key management, availability, and authentication. This specification was applied to the ETArch architecture. This choice was due to its characteristics: it offers intrinsic multicasting, is highly flexible regarding the needs of applications, and has a view very close to the abstraction proposed by Software Defined Networks.
We assumed that the secure communication environment must be defined even before the data transmission; that is, the information transmitted in the data plane is protected once the control plane has already performed the operations necessary to establish the secure multicast communication environment. Software Defined Networks and technologies like OpenFlow make this hypothesis viable. In this work, the ESMP multicast security specification was defined, and the proposed security services/mechanisms were also demonstrated through analysis and evaluation methods. Once the security environment is established, the communications made in the control/data plane are protected from imminent attacks on the network. The following results were obtained: ESMP can mitigate many of the attacks modeled by the analysis and evaluation method, such as snooping attacks, message modification attacks, reflection attacks, masquerading attacks, etc.; ESMP can provide security services and mechanisms that compete with the major security protocols of the legacy architecture and with MobilityFirst; the ESMP security services/mechanisms support the multicast communication context.