Learning Centre

Security Mechanisms for a Cooperative Firewall

 |  Login

Show simple item record

dc.contributor Aalto-yliopisto fi
dc.contributor Aalto University en
dc.contributor.advisor Beijar, Nicklas
dc.contributor.author Kabir, Hammad
dc.date.accessioned 2014-04-17T10:09:13Z
dc.date.available 2014-04-17T10:09:13Z
dc.date.issued 2014-03-31
dc.identifier.uri https://aaltodoc.aalto.fi/handle/123456789/12903
dc.description.abstract The growing number of mobile users and mobile broadband subscriptions around the world calls for support of mobility in the Internet and also demands more addresses from the already depleting IP address space. The deployment of Network Address Translation (NAT) at network edges to extend the lifetime of IPv4 address space introduced the reachability problem in the Internet. While various NAT traversal proposals have attempted to solve the reachability problem, no perfect solution for mobile devices has been proposed. A solution is proposed at COMNET department of Aalto University, which is called Customer Edge Switching and it has resulted in a prototype called Customer Edge Switches (CES). While it addresses many of the current Internet issues i.e. reachability problem, IPv4 address space depletion, so far security has generally been considered out of scope. This thesis aims at identifying the security vulnerabilities present within the CES architecture. The architecture is secured against various network attacks by presenting a set of security models. The evaluation and performance analysis of these security models proves that the CES architecture is secured against various network attacks only by introducing minimal delay in connection establishment. The delay introduced does not affect the normal communication pattern and the sending host does not notice a difference compared to the current situation. For legacy interworking a CES can have the Private Realm Gateway (PRGW) function. The security mechanisms for PRGW also generate promising results in terms of security. The thesis further contributes towards security by discussing a set of deployment models for PRGW and CES-to-CES communication. en
dc.format.extent 115+3
dc.format.mimetype application/pdf en
dc.language.iso en en
dc.title Security Mechanisms for a Cooperative Firewall en
dc.type G2 Pro gradu, diplomityö en
dc.contributor.school Sähkötekniikan korkeakoulu fi
dc.subject.keyword IP en
dc.subject.keyword CES en
dc.subject.keyword security en
dc.subject.keyword traversal en
dc.subject.keyword DoS en
dc.subject.keyword NAT en
dc.subject.keyword reachability en
dc.identifier.urn URN:NBN:fi:aalto-201404181705
dc.programme.major Networking Technology fi
dc.programme.mcode S3029 fi
dc.type.ontasot Diplomityö fi
dc.type.ontasot Master's thesis en
dc.contributor.supervisor Kantola, Raimo
dc.programme TLT - Master’s Programme in Communications Engineering fi
dc.location P1 fi
local.aalto.openaccess yes
local.aalto.digifolder Aalto_05872
dc.rights.accesslevel openAccess
local.aalto.idinssi 48906
dc.type.publication masterThesis
dc.type.okm G2 Pro gradu, diplomityö

Files in this item

This item appears in the following Collection(s)

Show simple item record

Search archive

Advanced Search

article-iconSubmit a publication