The locator/ID separation paradigm has been widely discussed to resolve the serious scalability issue that today's Internet is facing. Many researches have been carried on with this issue to alleviate the routing ...The locator/ID separation paradigm has been widely discussed to resolve the serious scalability issue that today's Internet is facing. Many researches have been carried on with this issue to alleviate the routing burden of the Default Free Zone (DFZ), improve the traffic engineering capabilities and support efficient mobility and multi-homing. However, in the locator/ID split networks, a third party is needed to store the identifier-to-locator pairs. How to map identifiers onto locators in a scalable and secure way is a really critical challenge. In this paper, we propose SS-MAP, a scalable and secure locator/ID mapping scheme for future Internet. First, SS-MAP uses a near-optimal DHT to map identifiers onto locators, which is able to achieve the maximal performance of the system with reasonable maintenance overhead relatively. Second, SS-MAP uses a decentralized admission control system to protect the DHT-based identifier-to-locator mapping from Sybil attacks, where a malicious mapping server creates numerous fake identities (called Sybil identifiers) to control a large fraction of the mapping system. This is the first work to discuss the Sybil attack problem in identifier-to-locator mapping mechanisms with the best knowledge of the authors. We evaluate the performance of the proposed approach in terms of scalability and security. The analysis and simulation results show that the scheme is scalable for large size networks and can resistant to Sybil attacks.展开更多
应用测试和测试控制表示法第三版(testing and test control notation version 3,TTCN-3)设计了一种名址分离协议(locator/identity separation protocol,LISP)的一致性自动化测试系统。该系统根据LISP协议标准RFC6830和RFC6833,运用抽...应用测试和测试控制表示法第三版(testing and test control notation version 3,TTCN-3)设计了一种名址分离协议(locator/identity separation protocol,LISP)的一致性自动化测试系统。该系统根据LISP协议标准RFC6830和RFC6833,运用抽象语法规则1(abstract syntax notation one,ASN.1)描述报文结构,设计测试用例,编写测试脚本。脚本通过自动下发配置,构造数据报文,完成交互过程。对LISP基本功能实现的9个测试点进行协议一致性测试,测试结果表明,9个测试点均通过测试。展开更多
基金supported in part by National Key Basic Research Program of China (973 program) under Grant No.2007CB307101,2007CB307106National Key Technology R&D Program under Grant No.2008BAH37B03+2 种基金Program of Introducing Talents of Discipline to Universities (111 Project) under Grant No. B08002National Natural Science Foundation of China under Grant No.60833002China Fundamental Research Funds for the Central Universities under Grant No.2009YJS016
文摘The locator/ID separation paradigm has been widely discussed to resolve the serious scalability issue that today's Internet is facing. Many researches have been carried on with this issue to alleviate the routing burden of the Default Free Zone (DFZ), improve the traffic engineering capabilities and support efficient mobility and multi-homing. However, in the locator/ID split networks, a third party is needed to store the identifier-to-locator pairs. How to map identifiers onto locators in a scalable and secure way is a really critical challenge. In this paper, we propose SS-MAP, a scalable and secure locator/ID mapping scheme for future Internet. First, SS-MAP uses a near-optimal DHT to map identifiers onto locators, which is able to achieve the maximal performance of the system with reasonable maintenance overhead relatively. Second, SS-MAP uses a decentralized admission control system to protect the DHT-based identifier-to-locator mapping from Sybil attacks, where a malicious mapping server creates numerous fake identities (called Sybil identifiers) to control a large fraction of the mapping system. This is the first work to discuss the Sybil attack problem in identifier-to-locator mapping mechanisms with the best knowledge of the authors. We evaluate the performance of the proposed approach in terms of scalability and security. The analysis and simulation results show that the scheme is scalable for large size networks and can resistant to Sybil attacks.
文摘应用测试和测试控制表示法第三版(testing and test control notation version 3,TTCN-3)设计了一种名址分离协议(locator/identity separation protocol,LISP)的一致性自动化测试系统。该系统根据LISP协议标准RFC6830和RFC6833,运用抽象语法规则1(abstract syntax notation one,ASN.1)描述报文结构,设计测试用例,编写测试脚本。脚本通过自动下发配置,构造数据报文,完成交互过程。对LISP基本功能实现的9个测试点进行协议一致性测试,测试结果表明,9个测试点均通过测试。