TY - GEN
T1 - MLCC
T2 - 2nd International Conference on Networking, Architecture, and Storage, NAS 2007
AU - Ouyang, Kai
AU - Chu, Xiaowen
AU - Dong, Lijun
AU - Wang, Hengqing
AU - Cai, Ting
N1 - Copyright:
Copyright 2009 Elsevier B.V., All rights reserved.
PY - 2007
Y1 - 2007
N2 - The security model is the key component in the security of network topology research. Especially in the Virtual Private Network (VPN) topology, with the emergence of the tunneling, private routing and cipher technology in VPN, there are two embarrassments for the protection of the entire VPN topology. One is that internal services will be uncovered in the Internet by the tunneling, which can be compromised by attacking the client-side endpoint of a VPN tunnel. The other is that firewall and Intrusion Detection System (IDS) could not completely analyze the network packet content because of the private routing and cipher technology. Based on the analysis of the VPN topology, we put forward the Multi-Layered Correlative Control (MLCC) mechanism. MLCC is a multi-layered security protection mechanism based on VPN gateway incorporating client end-point, firewall, IDS and internal services. There are three types of correlative technology introduced in MLCC, which are endpoint extending, component correlation and service engine. By their combination, MLCC can turn the VPN protection into a correlative and full model and improve the security of the VPN topology. Finally, the performance analysis based on our prototype is presented.
AB - The security model is the key component in the security of network topology research. Especially in the Virtual Private Network (VPN) topology, with the emergence of the tunneling, private routing and cipher technology in VPN, there are two embarrassments for the protection of the entire VPN topology. One is that internal services will be uncovered in the Internet by the tunneling, which can be compromised by attacking the client-side endpoint of a VPN tunnel. The other is that firewall and Intrusion Detection System (IDS) could not completely analyze the network packet content because of the private routing and cipher technology. Based on the analysis of the VPN topology, we put forward the Multi-Layered Correlative Control (MLCC) mechanism. MLCC is a multi-layered security protection mechanism based on VPN gateway incorporating client end-point, firewall, IDS and internal services. There are three types of correlative technology introduced in MLCC, which are endpoint extending, component correlation and service engine. By their combination, MLCC can turn the VPN protection into a correlative and full model and improve the security of the VPN topology. Finally, the performance analysis based on our prototype is presented.
UR - http://www.scopus.com/inward/record.url?scp=47749106063&partnerID=8YFLogxK
U2 - 10.1109/NAS.2007.39
DO - 10.1109/NAS.2007.39
M3 - Conference proceeding
AN - SCOPUS:47749106063
SN - 0769529275
SN - 9780769529271
T3 - International Conference on Networking, Architecture, and Storage, NAS 2007
SP - 37
EP - 43
BT - International Conference on Networking, Architecture, and Storage, NAS 2007
Y2 - 29 July 2007 through 31 July 2007
ER -