Огляд теоретичних рішень щодо безпечної маршрутизації в інфокомунікаційних мережах

Oleksandra Yeremenko

doi:10.30837/pt.2019.1.01

Authors

Oleksandra Yeremenko Kharkiv National University of Radio Electronics, Ukraine

DOI:

https://doi.org/10.30837/pt.2019.1.01

Keywords:

Routing, Network, Security, Path, Model, Method

Abstract

In this article, an overview of theoretical solutions for secure routing in infocommunication networks (ICNs) ranging from empirical solutions to system optimization approaches has been provided. Due to the fact that network security solutions must be complex in terms of both organizational and technical aspects, the implementation of all available technological and protocol means used at different levels of the OSI model should be implemented in practice. An important place in this set of means is taken precisely by the technological solutions of the Network Layer, namely routing protocols. The analysis has shown that proactive solutions related to the use of threshold cryptography, which is widely used to enhance network security in ICN, have great potential. At the same time, in multipath secure routing, it is promising to use not only disjoint paths but also a special class of overlapping paths, which form the basis of composite paths and contain network fragments with serial and/or parallel connection of network communication links. However, the use of proactive network security solutions in ICN should be complemented by appropriate reactive means when the network remains operational, even with the local compromise of its elements, such as paths, that require the development of new mathematical models and methods for secure fast rerouting.

References

Hutchison D., Galis A., Gavras, A. The Future Internet-LNCS 7858. Springer-Verlag Berlin Heidelberg. 2013. 401 p. DOI: 10.1007/978-3-642-38082-2.

Chaparadza R., Wodczak M., Meriem T.B., De Lutiis P., Tcholtchev N., Ciavaglia L. Standardization of resilience & survivability, and autonomic fault-management, in evolving and future networks: an ongoing initiative recently launched in ETSI. Design of Reliable Communication Networks (DRCN) 2013: Proceedings of the 9th International Conference. Budapest, Hungary, 4-7 March, 2013. IEEE, 2013. P. 331-341.

Quality of service regulation manual. 2017. ITU. 176 p. URL: https://www.itu.int/pub/D-PREF-BB.QOS_REG01-2017.

Matsubara D., Egawa T., Nishinaga N., Kafle V.P., Shin M.K., Galis A. Toward future networks: A viewpoint from ITU-T. IEEE Communications Magazine. 2013. Vol. 51, No. 3. P.112-118.

Barona López L.I., Valdivieso Caraguay Á.L., Sotelo Monge M.A., García Villalba L.J. Key technologies in the context of future networks: operational and management requirements. Future Internet. 2017. Vol. 9, No. 1. P. 1-15. DOI: https://doi.org/10.3390/fi9010001.

Cholda P., Tapolcai J., Cinkler T., Wajda K., Jajszczyk A. Quality of resilience as a network reliability characterization tool. IEEE network. 2009. Vol. 23, No. 2. P. 11-19. DOI: 10.1109/MNET.2009.4804331.

Tipper D. Resilient network design: challenges and future directions. Telecommunication Systems. 2014. Vol. 56, No. 1. P. 5-16. DOI: 10.1007/s11235-013-9815-x.

Rak J. Resilient Routing in Communication Networks (Computer Communications and Networks), 1st edition. Springer, 2015. 181 p.

Mauthe A., Hutchison D., Cetinkaya E.K., Ganchev I., Rak J., Sterbenz J.P., Gunkelk M., Smith P., Gomes T. Disaster-resilient communication networks: Principles and best practices. Resilient Networks Design and Modeling (RNDM) 2016: Proceedings of the 8th International Workshop. Halmstad, Sweden, 13-15 September, 2016. IEEE, 2016. P. 1-10. DOI: 10.1109/RNDM.2016.7608262.

Телекомунікаційні системи та мережі. Структура та основні функції [Електронний ресурс] / В. В. Поповський та ін. Т. 1. Харків: СМІТ, 2011. Режим доступу: http://www.znanius.com/3534.html.

Лемешко О. В., Євсєєва О. Ю. Конспект лекцій з дисципліни «Алгоритми управління та адаптації в ТКС» для студентів денної форми навчання спеціальності 7.092401 – Телекомунікаційні системи та мережі. Харків: ХНУРЕ, 2008. 164 с.

Поповский В. В., Персиков А. В. Защита информации в телекоммуникационных системах. В 2-х т. Харьков: СМИТ, 2006.

Поповский В. В., Персиков А. В. Основы криптографической защиты информации в телекоммуникационных системах. В 2-х т. Харьков: СМИТ, 2010.

Ленков С. В., Перегудов Д. А., Хорошко В. А. Методы и средства защиты информации. Киев: Арий, 2008. 464 с.

Stallings W. Foundations of Modern Networking: SDN, NFV, QoE, IoT, and Cloud.1st Edition. Pearson Education Inc., 2016. 510 p.

Monge A. S., Szarkowicz K. G. MPLS in the SDN Era: Interoperable Scenarios to Make Networks Scale to New Services. 1st ed. O'Reilly Media, 2016. 920 p.

Schneier B. Data and Goliath: The hidden battles to collect your data and control your world. WW Norton & Company, 2015. 398 p.

Stallings W. Cryptography and Network Security: Principles and Practice. 7th Edition. Pearson, 2016. 768 p.

Новиков С. Н. Методология защиты пользовательской информации на основе технологий сетевого уровня мультисервисных сетей связи. М.: Горячая линия – Телеком, 2015. 128 с.

Björck F., Henkel M., Stirna J., Zdravkovic J. Cyber resilience–fundamentals for a definition. New Contributions in Information Systems and Technologies. 2015. Vol. 353. Springer, Cham. P. 311-316. DOI: https://doi.org/10.1007/978-3-319-16486-1_31.

Fink G. A., Griswold R. L., Beech Z. W. Quantifying cyber-resilience against resource-exhaustion attacks. Resilient Control Systems (ISRCS) 2014: Proceedings of the 7th International Symposium, Denver, CO, USA, 19-21 August, 2014. IEEE, 2014. P. 1-8. DOI: 10.1109/ISRCS.2014.6900093.

Choras M., Kozik R., Bruna M.P.T., Yautsiukhin A., Churchill A., Maciejewska I., Eguinoa I., Jomni A. Comprehensive approach to increase cyber security and resilience. Availability, Reliability and Security (ARES) 2015: Proceedings of the 10th International Conference. Toulouse, France, 24-27 August, 2015. IEEE, 2015. P. 686-692. DOI: 10.1109/ARES.2015.30.

Musman S. Assessing prescriptive improvements to a system's cyber security and resilience. Systems Conference (SysCon) 2016: Proceedings of the Annual IEEE Conference. Orlando, FL, USA, 18-21 April, 2016. IEEE, 2016. P. 1-6. DOI: 10.1109/SYSCON.2016.7490660.

Galinec D., Steingartner W. Combining cybersecurity and cyber defense to achieve cyber resilience. Informatics 2017: Proceedings of the IEEE 14th International Scientific Conference. Poprad, Slovakia, 14-16 November, 2017. IEEE, 2017. P. 87-93. DOI: 10.1109/INFORMATICS.2017.8327227.

ITU-T X-805. Security architecture for systems providing end-to-end communications. October 2003. 28 p. URL: https://www.itu.int/rec/T-REC-X.805-200310-I/en.

ISO 7498-1:1994 Information technology – Open Systems Interconnection –Basic Reference Model: The Basic Model. International Standard ISOIEC, 74981, 1994. 59 p.

ISO 7498-2:1989 Information processing systems – Open Systems Interconnection – Basic Reference Model – Part 2: Security Architecture, 1989, 32 p.

ITU-T X-800. Security architecture for Open Systems Interconnection for CCITT applications. March 1991. 48 p. URL: https://www.itu.int/rec/T-REC-X.800-199103-I.

Santos O., Kampanakis P., Woland A. Cisco Next-Generation Security Solutions: All-in-one Cisco ASA Firepower Services, NGIPS, and AMP. 1 edition. Cisco Press, 2016. 368 p.

Al-Kuwaiti M., Kyriakopoulos N., Hussein S. A comparative analysis of network dependability, fault-tolerance, reliability, security, and survivability. IEEE Communications Surveys & Tutorials. 2009. Vol. 11, No. 2. P. 106-124. DOI: 10.1109/SURV.2009.090208.

Kaur R., Kashmira P., Meena K., Mohapatra A. K. Survey on Different Techniques of Threshold Cryptography. Journal of Electronics and Communication Engineering (IOSR-JECE). 2017. P. 114-119.

Venukumar V., Pathari V. A survey of applications of threshold cryptography – proposed and practiced. Information Security Journal: A Global Perspective. 2016. Vol. 25, No. 4-6. P.180-190. DOI: 10.1080/19393555.2016.1251996.

Sarma K. S., Lamkuche H. S., Umamaheswari S. A Review of Secret Sharing Schemes. Research Journal of Information Technology. 2013. Vol. 5. P.67-72. DOI: 10.3923/rjit.2013.67.72.

Lou W., Kwon Y. H-SPREAD: A Hybrid Multipath Scheme for Secure and Reliable Data Collection in Wireless Sensor Networks. IEEE Transactions on Vehicular Technology. 2006. Vol. 55, No. 4. P. 1320–1330. DOI: 10.1109/TVT.2006.877707.

Lou W., Liu W., Fang Y. SPREAD: Enhancing Data Confidentiality in Mobile Ad Hoc Networks. INFOCOM 2004: Proceedings of the Twenty-third Annual Joint Conference of the IEEE Computer and Communications Societies. Hong Kong, China, 7-11 March, 2004. IEEE, 2004. P. 2404–2413. DOI: 10.1109/INFCOM.2004.1354662.

Alouneh S., En-Nouaary A., Agarwal A. A Multiple LSPs Approach to Secure Data in MPLS Networks. Journal of Networks. 2007. Vol. 2, No. 4. P. 51–58. DOI: 10.4304/jnw.2.4.51-58.

Alouneh S., Agarwal A., En-Nouaary A. A Novel Path Protection Scheme for MPLS Networks using Multi-path Routing. Computer Networks: The International Journal of Computer and Telecommunications Networking. 2009. Vol. 53, No. 9. P. 1530–1545. DOI: 10.1016/j.comnet.2009.02.001.

Кулаков Ю. А., Лукашенко В. В., Левчук А. В. Безопасная многопутевая маршрутизация в беспроводных сетях большой размерности. Захист інформації. 2011. Том 13, №2(51). С. 5–10. DOI: 10.18372/2410-7840.13.2018.

Gupta D., Segal A., Panda A., Segev G., Schapira M., Feigenbaum J., Rexford J., Shenker S. A new approach to interdomain routing based on secure multi-party computation. Hot Topics in Networks: Proceedings of the 11th ACM Workshop. October, 2012. ACM, 2012. P. 37-42. DOI: 10.1145/2390231.2390238.

Gharib M., Yousefizadeh H., Movaghar A. Secure Overlay Routing for Large Scale Networks. IEEE Transactions on Network Science and Engineering. 2018. Vol. 1. P. 1-12. DOI: 10.1109/TNSE.2018.2812830.

Чевардін В. Є., Романюк В. А., Шевченко В. С. Модель загроз безпеки інформації в сучасних телекомунікаційних мережах з динамічною топологією. Збірник наукових праць ВІТІ НТУУ «КПІ». 2012. №2. С. 90–95.

Снегуров А. В., Чакрян В. Х. Метод формирования метрик маршрутизации, основанный на рисках информационной безопасности. Системи управління, навігації та зв’язку. 2012. №4(24). С. 105-110.

Snihurov A., Chakrian V. Improvement of EIGRP Protocol Routing Algorithm with the Consideration of Information Security Risk Parameters. Scholars Journal of Engineering and Technology. 2015. Vol. 3, No. 8. P. 707-714.

Yeremenko O., Lemeshko O., Persikov A. Secure Routing in Reliable Networks: Proactive and Reactive Approach. Advances in Intelligent Systems and Computing II, CSIT 2017, Advances in Intelligent Systems and Computing, Springer, Cham. 2018. Vol. 689. P. 631–655. DOI: 10.1007/978-3-319-70581-1_44.

Еременко А. С. Методика расчета вероятности компрометации сообщения при использовании пересекающихся маршрутов с последовательно-параллельной или комбинированной структурой. Наукові записки Українського науково-дослідного інституту зв’язку. 2015. №6(40). С. 64–71.

Gomes T., Martins L., Ferreira S., Pascoal M., Tipper D. Algorithms for determining a node-disjoint path pair visiting specified nodes. Optical Switching and Networking. 2017. Vol. 23. P. 189-204. DOI: https://doi.org/10.1016/ j.osn.2016.05.002.

Myslitski K., Rak J., Kuszner Ł. Toward fast calculation of communication paths for resilient routing. Networks. 2017. Vol. 70, No. 4. P. 308-326. DOI: https://doi.org/10.1002/net.21789.

Natarajan M. Graph Theory Algorithms for Mobile Ad Hoc Networks. Informatica – An International Journal of Computing and Informatics. 2012. Vol. 36. P. 185–200.

Suurballe J. W. Disjoint paths in a network. Neworks. 1974. Vol. 4, No. 2. P. 125–145.

Lemeshko O., Romanyuk A., Kozlova H. Design schemes for MPLS Fast ReRoute. Experience of Designing and Application of CAD Systems in Microelectronics (CADSM) 2013: Proceedings of the 12th International Conference. Polyana Svalyava, Ukraine, 19 23 February, 2013. IEEE, 2013. P. 202–203.

An overview of theoretical solutions for secure routing in infocommunication networks

Authors

DOI:

Keywords:

Abstract

References

Downloads

Published

Issue

Section

License

Developed By

Language

Information