TY - GEN
T1 - Routing with confidence
T2 - Proceedings - Fifth IEEE International Workshop on Policies for Distributed Systems and Networks, POLICY 2004
AU - Kapadia, Apu
AU - Naldurg, Prasad
AU - Campbell, Roy H.
PY - 2004
Y1 - 2004
N2 - We propose a novel policy-based secure routing framework that extends the mandatory nature of network access-control policies and allows users to exercise discretionary control on what routes they choose in a given network. In contrast to existing research that focuses mainly on restricting network access based on user credentials, we present a model that allows users to specify discretionary constraints on path characteristics and discover routes based on situational trust attributes of routers in a network. In this context, we present three levels of trust-attribute certification based on inherent, consensus-based, and inferred characteristics of routers. We also define a "confidence" measure that captures the "quality of protection" of a route with regard to various dynamic trust relationships that arise from this interaction between user preferences and network policy. Based on this measure, we show how to generate paths of highest confidence efficiently by using shortest path algorithms. We show how our model generalizes the notion of Quality of Protection (QoP) for secure routing and discuss how it can be applied to anonymous and privacy-aware routing, intrusion-tolerant communication, and secure resource discovery for ubiquitous computing, high performance, and peer-to-peer environments.
AB - We propose a novel policy-based secure routing framework that extends the mandatory nature of network access-control policies and allows users to exercise discretionary control on what routes they choose in a given network. In contrast to existing research that focuses mainly on restricting network access based on user credentials, we present a model that allows users to specify discretionary constraints on path characteristics and discover routes based on situational trust attributes of routers in a network. In this context, we present three levels of trust-attribute certification based on inherent, consensus-based, and inferred characteristics of routers. We also define a "confidence" measure that captures the "quality of protection" of a route with regard to various dynamic trust relationships that arise from this interaction between user preferences and network policy. Based on this measure, we show how to generate paths of highest confidence efficiently by using shortest path algorithms. We show how our model generalizes the notion of Quality of Protection (QoP) for secure routing and discuss how it can be applied to anonymous and privacy-aware routing, intrusion-tolerant communication, and secure resource discovery for ubiquitous computing, high performance, and peer-to-peer environments.
UR - http://www.scopus.com/inward/record.url?scp=11244351810&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=11244351810&partnerID=8YFLogxK
U2 - 10.1109/POLICY.2004.1309149
DO - 10.1109/POLICY.2004.1309149
M3 - Conference contribution
AN - SCOPUS:11244351810
SN - 076952141X
SN - 9780769521411
T3 - Proceedings - Fifth IEEE International Workshop on Policies for Distributed Systems and Networks, POLICY 2004
SP - 45
EP - 54
BT - Proceedings - Fifth IEEE International Workshop on Policies for Distributed Systems and Networks, POLICY 2004
Y2 - 7 June 2004 through 9 June 2004
ER -